WRT54G doesn't port Forward

Discussion in 'Cisco/Linksys Wireless Routers' started by anormand, May 17, 2005.

  1. anormand

    anormand Network Guru Member

    have hard time to get port forwarding working for telnet.

    WRT54G Firmware v3.03.6

    It is pretty simple as configuration:

    Application (Telnet)
    Start (23)
    End (23)
    Protocol (TCP and UDP)
    IP Address (
    Enable (Yes)

    I did try it with and without DMZ, disabling firewall security. Both remote management Lan and Wan on 8080 works fine !!!

    It is now the second router in a row with a week (the first one die during a factory default restore).

    I don't know why it doesn't, I passed 3 hours in live chat with Linksys without succes. And it is not because I never did this kind of setup before. I do it 2 or 3 time a month with different kind of router without problem.

    This customer want something branded Cisco/Linksys as corporate standard!

    Any ideas or suggestions are welcome.

  2. anormand

    anormand Network Guru Member

    Any ideas to make it work.

    The only thing who works on this WRT54G is internet Gateway no port forwarding are able to work!

    Please help!

  3. rjlouro

    rjlouro Network Guru Member

    I have exactly the same problem as you do. Port forwarding does not work no matter what combination of settings I use. here's my experience:

    The machine I want to be visible on the outside is a security camera box that has a web interface. It has a fixed ip adress, and the port forward is well configured. I know it's well configured because It works inside the lan only. if I try to access it from the outside, all ports are filtered.

    First try, it's ISP fault. Called them, they denied any kind of port filtering/blocking. I tried to set up the wan configuration of the router on port 80, I could access it from the outside. So no problems here.

    Second try, enable/disable firewall, no luck. Every time ports filtered on the WAN and port forwarding working on the LAN.

    Third try, put the machine IP on DMZ. No luck, same situation.

    This went for some long hours, trying every combination possible of dmz,firewall,port fotwarding settings and no luck. I even tried to set the router's dhcp server range to ip's that included the static ip machine, and the opposite (not including the static ip machine).

    all netmasks are ok, I can ping the machine from the route and the port forward is working for the lan only. Whatever I do with with the router, the ports are all filtered on the outside except if I set wan administration to some port. I'm about to give up, since Linksys allways gives the same response, either misconfiguration or ISP blocking ports. Any help would be trully apreciated.

    Oh, and yes, I upgraded firmware, did reset's and all that.
  4. taechunsa

    taechunsa Guest

    I am having the exact same problem.

    I can connect with my old DLink router and everything works fine. I can direct connect the server and it works fine. However, every time I connect my WRT54G router the port forwarding breaks.

    I chated with tech support for about an hour. I even had the technician remote access my router and he could never get it to work.

    His final suggestion was that I reflash the router and restore factory defaults and try again.

    Those poor technicians. I have found references to this problem that date back to the first version 3's. Shame on Linksys for not addressing this problem.
  5. rjlouro

    rjlouro Network Guru Member

    some more experiences with this matter.

    I ordered a second one, and tested it at home before installing it at the client. At home port forwarding did work! The only thing different was that the wan ip was a local ip. I was pretty confident it was a hardware problem with the first one, and today I installed the new one. The exact same prlbme s arrived! I just can't port forward anything. nmap from an external machine shows the forwarded ports as filtered, and I can only manage to open ports at the router if I enable remote administration, the port I choose stays open and does work.

    the firmware version with this one was a 3.03.1, and an upgrade to the latest european version (3.03.9) had no effect on it.

    I'm considering installing some other formware, like openwrt to see what happens, but it looks like some pretty stupid bug on linksys firmware.

    Any more experience with this would be apreciated, so we can track what's wrong and make some huge noise at linksys.
  6. Guyfromhe

    Guyfromhe Network Guru Member

    I can't imagine this to be a widespread issue, it looks like it should work on all my routers, maybe you should install a 3rd party firmware and you can run tcpdump on it and find out whats going on...
    at the very least you can check the NAT rules.
  7. rjlouro

    rjlouro Network Guru Member

    Just a quick question before I install some third party formware, can I install an US firmware on e EU wrt54g? I understand that US uses less wireless channels, but that's not a problem since wireless is to be disabled on this one.
  8. malfeasance

    malfeasance Network Guru Member

    P Forwarding

    I can SSH with PuTTy into my network AP and then go to other routers behind it from there. It works normally. I have to forward the SSH port, 22, for the AP's address, say, or whatever you are using for the AP, on the AP's port forwarding page. Then, from outside, give PuTTy the external IP address only for the AP, no port indication, and it works! (When I say "AP" I am refering to the WRT that is connected directly to my cable modem. All of the other WRT's behind it are acting in WDS or Client roles with other "192.168.1.x" IP's, or whatever.)

    You can forward the HTTP interfaces for routers behind the AP with forwarding port 80 for that router's private IP address on the AP's forwarding page. Then, from outside: "http://my_AP's_external_IP_address" Notice no "s" and no port indication. Better still, you can activate HTTPS on the routers behind the AP and forward port 443 on the AP's forwarding page, the port for HTTPS. Then, "https://AP's_external_IP_address" with no port indication. "https://AP's_external_IP_address:8080" still works at the same time to access the AP.

    Anyway, I got that to work and can access five routers via https, though only two at a time: the AP and one WRT behind it.

    PS: Port mappings are found in the /etc/services file.

  9. rjlouro

    rjlouro Network Guru Member


    I installed the latest Seasoft Alchemy firmware and everything works fine! it's definately a firmware problem from linksys. I dunno if it's a european firmware problem or whatever it is, but with linksys formware, the same configuration was a no go. In fact, with linksys firmware I couldn't do a thing, all ports just stayed filtered, as I posted above.

    With alchemy ,I just configured a regular port forward and everything worked out of the box! It must be some stupid firmware bug, but i'm not alone in this, and I ordered 2 of these routers to make sure it was not hardware problem. Both could not port forward under any possible configuration, both DO port forward with alchemy. It's easy to draw a conclusion here =)
  10. malfeasance

    malfeasance Network Guru Member



    Yeah, I forgot to include in my post that I was using Alchemy, and it just works. Might have saved you some time.
  11. malfeasance

    malfeasance Network Guru Member


    By the way, with Alchemy you can use SSH like with PuTTY. And, you can change the port to forward. I just looked through the /etc/services file and found some odd ports that are not being used and forward those for SSH and I can securely log in from afar!

  12. manxi

    manxi Network Guru Member

    Port forwarding won't work, where can I get Alchemy frmware?

    Port forwarding doesn't work for me, I've upgraded to the latest version of the firmware from the linksys site( I've got a WRT54G european version) and from posts here I need Alchemy, where do I get that firmware and does one firmware overwrite the other or does it add onto it?? because I download one DD-WRT firmware which claimed it was derived from Alchemy but I don't know if it is the Alchemy everyone is talking about.

    I need port forwarding so I can get my web servers acessible from outside???

  13. malfeasance

    malfeasance Network Guru Member

    Re: Port Forwarding


    DD-WRT ought to work fine. Need more info. What are your configuration issues? How are you doing it and what are you trying to do, specifically? Ports, etc...?

    As far as dloading Alchemy 1.0, you can get it from this site!
    A firmware flash will overwrite.
    I bet you can get it right!
    Maybe not this night,
    but soon.
  14. manxi

    manxi Network Guru Member

    Ok. After spending hours trying to work this I've managed to figure out most of it. Even then I'm still stuck with a router that cannot port forward. Well here's my configuration.

    I'm a UK user, ISP is Force9(same as PlusNet), I connect using a ADSL2MUE modem(again by LinkSys) using PPPoA. So looking through the first problem I figured that my ADSL2MUE modem has NAT enabled by default and so I had to disable the NAT side of the mode(this causes all sorts of issues like blocking ports, so I hear, reading general documentaion and other google link, etc), by forcing it to work as a bridge. So essentially my modem is just bridging the ADSL side to the Ethernet side( which is connected to the WRT54G router). Assuming that all is OK so far(ie all traffic from my ADSL side is pumped into the WRT54G router and vice versa, no translation and no blocking of ports etc). Assume all ports are forwarded by ISP( I know this 'cos I've already had another modem (a Solwise SAR110) telnet/ssh/etc into my FreeBSD box from an external side, ie the internet). I've also upgraded my WRT54G to Alchemy 1.0, finally I managed to dig this out by folowing a link from www.svaesoft.com , which forwarded me to http://www.wrt54g.com/ which had a copy somewhere. OK so all is well, upgraded to new firmware( with associated Firmware Defaults enabled when upgrading firmware). OK ALL is fine so far, now I reconnect, and go to the first page( and setup my ISP's details, in the PPPoE section( there is no PPPoA section on the first page, as my UK ISP recommends), with all the usename@domain and password sets and also enable DHCP server for local clients connecting. WRT54G connects succesfully to my ISP, retreives my static IP, DNS, etc. All is still fine. Now I can browse the web, all is fine. Now I have a FreeBSD 5.3 box behind the WRT54G, which has an internal static LAN address of, to which I can happily connect using my notebook( which is connected to the WRT54G on, DHCP assigned), on all the relevant ports, 23(telnet), ssh, www, etc. My FreeBSD box can also happily connect to any system on the internet, etc, etc. Also my ISP has four static IP's assigned to me.

    Now the problems begin, I setup port forwarding on the WRT54G for Telnet ( Applications & Gaming -> Port Forward Range -> Application,Start,End,Protocol,IP Address,Enable(telnet,23,23,Both,,checked) -> Save Settings. however when I login to my external CGI server at my ISP's side and reconnect to my FreeBSD box, it cannot connect at all. I've tried www(port 80), etc, etc and nothing works. So I unchecked all the Port Range Forward settings and saved it, and then went to setup Port Triggerring -> Application, Start Port, End Port, Start Port, End Port, Enabled ( telnet, 23, 23, 23, 23, checked)->Save Settings. Retried everything. Doesn't work. Then I checked all Port Range Settings along with Port Triggering, and tried nothing work. This uncheck all Port Range and Port Triggerring setings, went to DMZ-> Enable, 192.168.1.[10], nothing it doesn't work. I simply cannot connect to my FreeBSD from an external system.

    Can you help???

    Another observation, I enable Telnet/SSHD in the Administration->Management section, then login to the WRT54G and did a reboot. On following bootup and after, my WRTG54G fails to even connect to my ISP at all on PPPoE settings above. SI had to reupload the Alchemy 1.0 firware again which doesn't work. But uploading the firmware witht the Frimware Defaults enabled and reconfiguring the WRT54G as above, seems to reset everything and then I can connect to my ISP with the above settings???

    Also how can I port forward by telnetting to the WRT54G??? I've seen the iptable, but I'm not sure of how to use it, anyone??

    Thanks very much in advance.

  15. malfeasance

    malfeasance Network Guru Member



    First question: how are you attempting to log in from outside when all is working and port fowarding only is enabled ? What IP are you using, etc...

    I'm assuming that when port forwarded, you are connecting with a telnet application from outside using your ISP assigned IP for the front side of the WRT as delivered to it from the ADSL modem?

    Second issue: Router craps out (partially?) when enabling both, huh: yikes! What hardware version are you using? And how is your memory doing on the router when those things are enabled? I don't expect there should be a problem with memory but why not top it while they are both loaded and it is showing this problem.

    Also, you know holding the reset button down for 30 seconds should reset to firmware defaults, right? I'm assuming the firmware reflash was necessary because this didn't work.

    My experience with the reset button is that 99% of the time it works with 30 seconds, and the other 1% it takes a little more time and patience to chase out whatever gremlins may have been unleashed. Sometimes 90 seconds; then unplug and let them have some time to escape, etc.... This can bring around a recalcitrant router sometimes, before flashing is necessary. Of course, if one thinks it's too infected after getting it back to defaults, then a reflash can disinfect it. (You found all the software you needed on this site, right?)

    Also, the problems with flashing you mentioned I couldn't quite make out. Doesn't matter, I guess, if you got it to work.

    On a lighter note: How are things in the UK today? It's noon-ish here in Santa Fe and it's superb! 70 degrees, sunny and breezy: just another day in paradise!
  16. manxi

    manxi Network Guru Member


    When I have got it setup(like in my previous post), the router connects and extracts all the details from the ISP and then I connect my laptop to the router as a WLAN client, I can do anything from my laptop as long as the connection is outoing. By that I mean, i can browse the web, nslookup, telnet to my ISP CGI server, SSH, everything. Then I setup port forwarding on my router to point say incoming telnet connections(ie from the ADSL side) to my FreeBSD box, which is on LAN After this I first proceed to telnet to my ISP's CGI server, and then telnet back into to my static IP assigned by my ISP( this has always worked in the past, my ISP's CGI server is just like any other server on the internet). Now I see that I can still browse, telnet, etc, ( ie all outgoing connections are fine) from my notebook, but when I telnet back from my ISP's CGI server to my static IP( which the WRT54G should now forward to my FreeBSD box), it doesn't work. Basically all outgoing connections to the internet from my LAN is working absolutely fine, but no incoming connections into my system. I even tried disabling the Firewall setting in the Security section. I can't imagine this to be the modem's problem as it's only bridging. I can no longer use my Solwise SAR110 modem to check this because it's ROM has completely failed, but it worked beautifully when the ROM was working fine(it has all NAT, filtering, etc features).

    Second issue: I'm not sure how to check to see what the memory is like on the router, however when I upgrade I've had problems when it uses the current settings after the upgrade. As long as the settings are flushed out by setting the 'Firmware Settings' when upgrading the system functions consistently. Maybe it's just that I've tried all sorts of odd configuration and continued to hang onto them when upgrading that it occassionally fails.

    As for the router's version it's a WRT54G v2.0. http://www1.linksys.com/international/product.asp?coid=6&ipid=452

    My ADSL modem is ADSL2MUE http://www1.linksys.com/international/product.asp?coid=6&ipid=604

    On the lighter note, UK weather is wikked at the moment, sunny and nice(skirts are gettin shorter and chicks in parks with g-string showing!!!! oh yes....lovely), but sitting in my room with four boxes( laptop, a high spec FreeBSD box, a Win2k box for downloading(P2P limewire + XNAP, etc), a linux box, + modems, router, hifi and no air-con with all elec equipment connected to some nuclear power station is not fun either, it's ROASTING!!!.

  17. malfeasance

    malfeasance Network Guru Member

    More Discussion

    What happens if you telnet to the IP address on the front side of your router from within your local network? Same thing?

    To check the router memory, telnet in and enter the 'top' command. The memory usage is at the top. Also, the 'ps' command will show how much memory each process is using.

    You used your serial number, of course, and not http://router.IP.address/SysInfo.htm to determine your router's hardware version, right? Just checking. What are the first four digits of your S/N, by the way? Just curious if it's different from US versions. I wonder what other differences there might be, other than the original firmware allowing 13 channels by default?

    If you have things configured the way you want on your router, you can save the configuration on the Administration>Backup page. Choose the "Clich HERE to download a configuration file" choice. Nvrambak.tgz will be the name it wants to choose, but give it a name that reflects the firmware and what ever info you want to remember it by. This way, you can reset to defaults via a 30-second reset button, the only safe way according to the wisdom pronounced here, from hard-won experience, reflash, then upload your configuration file, et voi-la! Back in business in minutes.

    Ahhh!! The g-string! One of the 'Great Magnet's' finest gifts to mankind!
  18. el_magnifico

    el_magnifico Network Guru Member


    Yo Manxi.

    Your ADSL2MUE is the problem, it is a router but not a simple modem. You will have to use it in bridge mode to use a router behind it properly.
  19. manxi

    manxi Network Guru Member

    Yep, I figured that out, that's why I have got it configured in bridge mode as in my post above and setup PPPoE on my WRT54G. Later I started reading up on iptables command, it seems like a very powerful feature. It has access to modifying all the internal routing/filtering table of the linux running in the WRT54G. I then managed to append my own set of rules to the firewall rules there and haven't really succedeed. I've yet to master it. The problem was I couldn't flush out all the rules in it before inserting my own set of rules. Finally i decided to buy a new kit, a NETGEAR384G, it's a modem+router+wireless, it took me no time to get it connected to the internet, just a couple of settings about my ISP and away it went. Then i configured port forwarding on it to try what I did with the WRT54G as above and then I relogged into my FreeBSD box from outside(a CGI server on the ISP side) and didn't work(it made me think that there was something wrong with my LAN side, possible subnet mask?, etc,). There was a lot of reconfiguring, etc, etc. This was because the WAN side of the NETGEAR384G was assigned one of four static IP by my ISP and it would only respond to the IP number it was assigned to and not my domain name. I finally got the Netgear to do port forwarding but wasn't without a sweat. It works. The netgear does lack quite a bit, it cannot map one set of incoming ports to another set of ports on my internal lan, etc, features which the WRT54G has. I'm back at work now, will go home tonight and give the WRT54G another shot before I give up on it totally.

  20. CrashX

    CrashX Network Guru Member

    That is exactly what I'm looking to do, but for some reason I can't seem to find out how. On the port forwarding table on my Microsoft router there were fields for both the Inbound Port(s) and the Private Port(s). On the WRT54G, I only see fields to enter a single range.

    I'm using the DD-WRT firmware in order to use WDS with an Airport Express. Hopefully I can still forward one set of ports to a different set internally. I was thinking about trying iptables, as mentioned in the following post, but I believe that requires the HyperWRT firmware.


    Any help would be appreciated!

    [edit by CrashX]It seems that this post was edited by a moderator or admin, yet no reason was given. It would have been nice to receive a private message, or even a note like this one, with the reason why they found it necessary to edit this post. As far as I know there was nothing inappropriate in the post, and I am unable to find anything in the forum rules that says images cannot be posted.[/edit]
  21. DaRotor

    DaRotor Guest

    I am having a similar problen. Im absolutely sure it's my router.

    When Im connecting wirelessly to my WRT54G from any of my computers, with the ports supposedly fowarded, the port are open.

    When I contact to my modem via my $30 router, the ports work; with no other changes then wiring myself to the cheap router instead of my WRT54G. Also when i wire myself to my WRT it still doesnt open the ports.

    I am runnning DD-WRT firmware atm. I have tried a lot of firmware, but nothing works. Please help me.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice