1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Some problems with Tomato Shibby 1.28 v115

Discussion in 'Tomato Firmware' started by Ciprian Trofin, Nov 25, 2013.

  1. Ciprian Trofin

    Ciprian Trofin Reformed Router Member

    I just installed Tomato Firmware 1.28.0000 MIPSR2-115 K26 USB AIO-64K on Asus RT N66U (including the "clear the NVRAM" step)

    My problem: the router is not accesible via it's WAN IP. From a LAN computer I can access the admin GUI via the LAN IP, but not via the WAN IP.
     
  2. darkknight93

    darkknight93 Networkin' Nut Member

    Habe you Set remote Access to http/https? Or Do you want to reach other Services like ssh on your router via wan?

    Screenshot_2013-11-26-00-14-30.png
     
  3. Ciprian Trofin

    Ciprian Trofin Reformed Router Member

    I don't want remote access to GUI (Web Admin), I just want to be able to access devices behind the router (port forwarding).
     
  4. koitsu

    koitsu Network Guru Member

    I've bolded the problem -- please do not do this. NAT loopback is known to cause serious problems (esp. with performance) when used. If you want me to spend the time digging up the threads discussing it, I can do so.

    Simply put: when on your LAN, access your router via its LAN IP, not it's WAN IP.
     
  5. Ciprian Trofin

    Ciprian Trofin Reformed Router Member

    Thank you for the hint and offer, but - following your advice - I already found something in forums.
    However: NAT loopback is activated (ALL), therefore - IMHO - should work. If it is known to cause problems, the concerned user should simply disable it.
    I'm only interested in testing the forwaded ports, but that does not work either.
    I know, if I need a way to test, on the WAN side, that forwarded connections are working, I can use some Internet resources (http://www.t1shopper.com/tools/port-scan/ or http://www.yougetsignal.com/tools/open-ports/) but it's not something I preffer :confused:
     
  6. koitsu

    koitsu Network Guru Member

    There are many resources to test such things Internet-facing, and if you don't have friends who can help you (do people not know how to use telnet or netcat? :-( ), then using those resources is your only choice.

    Furthermore, because of NAT loopback, testing port access to your WAN IP from your LAN will give you seriously skewed results. You need to test from an actual device on the Internet that sends packets literally through the wire connected to your WAN port. So using those resources is your best choice.

    I cannot help past this point.
     
  7. Ciprian Trofin

    Ciprian Trofin Reformed Router Member

    Thank you.
     
  8. Aleksazhko

    Aleksazhko Reformed Router Member

    just tested external web access. Works flawlessly. Reflashed today, even without clearing nvram. Build 115. But I have ac66u.

    About loop lan - (wan interface) - router face.
    Guys. Do you really think if this gadget does 800Mbit/s NAT, it's SO HARD to make some loop through several interfaces?
    I use many routers with Tomato. For example, at home I use linksys E4200 v1 with Shibby onboard. In my home network I use several devices with web interfaces. Portforward — I have an access. I use Google Chrome logged into my google account from several places with my home devices — dyndns&portforward. Even when I'm at home, i click on bookmark bar button (dyndns=wan) and see no glitches. Fast, smooth. What's a problem?

    Once I've seen the problem in such scheme with StoneGate firewall (kind of server), when it has shrinked bandwidth licence. In that times that company had 35MBit/s internet connection and 55MB/s license for firewall. And we've expierenced license limit exceeding. There was some loops with huge amount of traffic from laptops. Usually laptops used external address of our services (email, etc...). And when laptop has been inside of our network, it used walked through Firewall twice: to external IP address and backward.
     

Share This Page