1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Help Forwarding Port using Tomato Firmware

Discussion in 'Tomato Firmware' started by ChuckHL, Aug 26, 2013.

  1. ChuckHL

    ChuckHL Serious Server Member

    I need help on how to forward a UDP port to another UDP port on my router. If my router gets assigned an IP of a.b.c.d, I want to be able to forward connections coming in port T to port S in the same router. To clarify, I'll explain my current situation.

    I am currently hosting an OpenVPN Server in my router with Tomato 1.28 Shibby v112. My OpenVPN Server is listening in PORT 50505 UDP (I chose a random port because at some locations I go to, port 1194 is blocked). What I want to do is to FORWARD port 1194 and port 53 both UDP to port 50505 of my router.
    (I know port 53 should not be used for this since its reserved for DNS services but I don't host any DNS service and some hotspots block most ports).

    I tried to use the "Port Forwarding" page on my router and tried to forward the ports and it only works if in the "Internal Address" value I set the External IP address assigned by my ISP (187.x.x.x). If i put the internal ip address of my router ( it does not work and I cannot connect to my VPN on those other ports.

    What I need to do is one of the following two options:
    1) I need to be able to forward ports 53 and 1194 both UDP to 50505 UDP preferably through a script. If it is a script, it should not required me to type my external ip assigned by my ISP in it since that IP changes every time I reconnect.
    2) I need a way to Open port 50505 from the LAN side so that I can use the Forwarding Page and set in the "Internal Address" value, the value of the router's internal ip address.

  2. koitsu

    koitsu Network Guru Member

    Do this from the CLI:

    iptables -t nat -A WANPREROUTING -p udp --dport 53 -j DNAT --to-destination :50505
    iptables -A INPUT -p udp --dport 50505 -j ACCEPT
    If this works for you (test it in real-time), then you can make it permanent by adding it to Administration / Scripts / Firewall in the GUI.

    Reference: http://www.linksysinfo.org/index.ph...-over-remote-port-53-error.60427/#post-215119

    I cannot help past this point.
  3. ChuckHL

    ChuckHL Serious Server Member

    Thank you very much Koitsu, I used that script and it worked like a charm.

Share This Page