trying to port forward

  • Thread starter Thread starter nettlemark
  • Start date Start date
N

nettlemark

Hi
I am trying to port forward. So far I have
- declared the port open in the client app
- setup rules in my router that (should) allow access to the same port
- setup a static IP (may be the wrong term, but I have defined the IP
rather than let the ISP determine it)
- allowed the app to act as a server in Zonealarm (free version)
- set the app as an exception in xp security centre

When I go to http://www.canyouseeme.org/ it announces my IP
incorrectly, ie its not the IP address that I defined. I type in the
port I am trying to open and it times out trying to find it.

I am a complete noob at port forwarding - but thinking logically about
it I should have overcome all the barriers between the app and the
outside world, but its still not working.

What have I missed?

Thanks
 
I am trying to port forward. So far I have
- declared the port open in the client app
Click to expand...

O.K. Could you be more specific. It is easier to explain things with
your actual settings instead of referring to it verbally...
- setup rules in my router that (should) allow access to the same port
Click to expand...

What settings did you use exactly? What router?
- setup a static IP (may be the wrong term, but I have defined the IP
rather than let the ISP determine it)
Click to expand...

That is not correct. You should setup a static IP address on the
computer which is the destination of the port forwarding. If the
computer does not have a static IP address but gets a dynamic one
through DHCP the IP address of the computer can change after some time.
To have a working steady port forwarding the computer should have a
static IP address.

You can either setup the static IP address on the computer itself
(configure the TCP/IP settings on the local area network connection) or
your router may have the ability to assign fixed IP addresses to the
computer. But this depends very much on the router you use.

You are not supposed to change the internet settings on the router! If
your ISP requires DHCP on the internet connection you must use DHCP. It
may work for a while to use a static IP address on the connection but it
is impossible to tell how long. Therefore, if you changed the internet
connection settings on the router set them back to what it was before.

You can see the current IP address of the computer in the network
connections control panel if you click on the icon of the local area
connection (or the wireless connection if the computer is connected
wireless to the router).
- allowed the app to act as a server in Zonealarm (free version)
Click to expand...

For test purposes you should turn off ZoneAlarm. As you are running
behind a router the computer is not directly accessible from the
internet except for the port forwarding. To rule out the ZA is causing
the problem, turn it off completely or deinstall it.
- set the app as an exception in xp security centre
Click to expand...

This looks to me as if you are running two firewalls: ZoneAlarm and the
XP Firewall. Do not do that. Two firewalls won't increase security. On
the contrary, they may affect each others performance and cause other
problems. Thus, you have to decide which firewall you want to use in the
long run. For test purposes you should also turn off the XP firewall.
When I go to http://www.canyouseeme.org/ it announces my IP
incorrectly, ie its not the IP address that I defined. I type in the
port I am trying to open and it times out trying to find it.
Click to expand...

A standard router with NAT is used to share a single public internet IP
address (which you would see in www.canyouseeme.org) with several
computers connected to the router in a private LAN. The private LAN uses
private addresses like 192.168.*.*. These addresses are assigned to the
computers and devices in the LAN. The router maps between the public IP
address and the private ones.

Thus, while canyouseeme shows you the public IP address that IP address
is not the destination of the port forwarding. The destination is the
private IP address of the computer to which you are forwarding the port.
In other words, it is perfectly normal that you see a different IP
address on that website then configured in the port forwarding.

Still, if it is a TCP port forwarding to a TCP server the port should be
recognized as open.

Gerald
 
Gerald Vogt said:
O.K. Could you be more specific. It is easier to explain things with your
actual settings instead of referring to it verbally...


What settings did you use exactly? What router?


That is not correct. You should setup a static IP address on the computer
which is the destination of the port forwarding. If the computer does not
have a static IP address but gets a dynamic one through DHCP the IP
address of the computer can change after some time. To have a working
steady port forwarding the computer should have a static IP address.

You can either setup the static IP address on the computer itself
(configure the TCP/IP settings on the local area network connection) or
your router may have the ability to assign fixed IP addresses to the
computer. But this depends very much on the router you use.

You are not supposed to change the internet settings on the router! If
your ISP requires DHCP on the internet connection you must use DHCP. It
may work for a while to use a static IP address on the connection but it
is impossible to tell how long. Therefore, if you changed the internet
connection settings on the router set them back to what it was before.

You can see the current IP address of the computer in the network
connections control panel if you click on the icon of the local area
connection (or the wireless connection if the computer is connected
wireless to the router).


For test purposes you should turn off ZoneAlarm. As you are running behind
a router the computer is not directly accessible from the internet except
for the port forwarding. To rule out the ZA is causing the problem, turn
it off completely or deinstall it.


This looks to me as if you are running two firewalls: ZoneAlarm and the XP
Firewall. Do not do that. Two firewalls won't increase security. On the
contrary, they may affect each others performance and cause other
problems. Thus, you have to decide which firewall you want to use in the
long run. For test purposes you should also turn off the XP firewall.


A standard router with NAT is used to share a single public internet IP
address (which you would see in www.canyouseeme.org) with several
computers connected to the router in a private LAN. The private LAN uses
private addresses like 192.168.*.*. These addresses are assigned to the
computers and devices in the LAN. The router maps between the public IP
address and the private ones.

Thus, while canyouseeme shows you the public IP address that IP address is
not the destination of the port forwarding. The destination is the private
IP address of the computer to which you are forwarding the port. In other
words, it is perfectly normal that you see a different IP address on that
website then configured in the port forwarding.

Still, if it is a TCP port forwarding to a TCP server the port should be
recognized as open.

Gerald
Click to expand...

In addition the PortForward.com site may be helpful...

http://www.portforward.com/english/routers/port_forwarding/routerindex.htm

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
 
Thanks Gerald for your reply

O.K. Could you be more specific. It is easier to explain things with
your actual settings instead of referring to it verbally...
Click to expand...

The app is Azureus. The port I want to open is 64555
What settings did you use exactly? What router?
Click to expand...

The router is an iConnectAccess624W. The rules I set up look like this

Protocol PortStart PortEnd PortMap
Rule1 TCP 6881 6881 6881
Rule2 TCP 64555 64555 64555
Rule3 UDP 64555 64555 64555
That is not correct. You should setup a static IP address on the
computer which is the destination of the port forwarding. If the
computer does not have a static IP address but gets a dynamic one
through DHCP the IP address of the computer can change after some time.
To have a working steady port forwarding the computer should have a
static IP address.
Click to expand...

Yeah maybe I wasnt clear enough - the static IP is set up on the
computer side. I set it up in the connection properties, and have
enterred IP, Subnet Mask, Default Gateway and Primary and Secondary
DNS server addresses after (or while) talking to the ISP.

You can either setup the static IP address on the computer itself
(configure the TCP/IP settings on the local area network connection) or
your router may have the ability to assign fixed IP addresses to the
computer. But this depends very much on the router you use.

You are not supposed to change the internet settings on the router! If
your ISP requires DHCP on the internet connection you must use DHCP. It
may work for a while to use a static IP address on the connection but it
is impossible to tell how long. Therefore, if you changed the internet
connection settings on the router set them back to what it was before.

You can see the current IP address of the computer in the network
connections control panel if you click on the icon of the local area
connection (or the wireless connection if the computer is connected
wireless to the router).


For test purposes you should turn off ZoneAlarm. As you are running
behind a router the computer is not directly accessible from the
internet except for the port forwarding. To rule out the ZA is causing
the problem, turn it off completely or deinstall it.


This looks to me as if you are running two firewalls: ZoneAlarm and the
XP Firewall. Do not do that. Two firewalls won't increase security. On
the contrary, they may affect each others performance and cause other
problems. Thus, you have to decide which firewall you want to use in the
long run. For test purposes you should also turn off the XP firewall.
Click to expand...

OK yep I have only just realised this may not be a good idea - I will
make sure they are off when I test this.
A standard router with NAT is used to share a single public internet IP
address (which you would see inwww.canyouseeme.org) with several
computers connected to the router in a private LAN. The private LAN uses
private addresses like 192.168.*.*. These addresses are assigned to the
computers and devices in the LAN. The router maps between the public IP
address and the private ones.
Click to expand...

OK I understand that better now
Thus, while canyouseeme shows you the public IP address that IP address
is not the destination of the port forwarding. The destination is the
private IP address of the computer to which you are forwarding the port.
In other words, it is perfectly normal that you see a different IP
address on that website then configured in the port forwarding.

Still, if it is a TCP port forwarding to a TCP server the port should be
recognized as open.
Click to expand...

OK, a bit lost here. As per above I have (I think) configured both TCP
and UDP types of connections, or ports. Which type is most common,
would it be UDP?
Gerald
Click to expand...

Thanks again - hopefully that given more to go on.
Mark
 
Back
Top