Can't get port forwarding to working...

Discussion in 'Tomato Firmware' started by danimaltron, Jun 15, 2010.

  danimaltron

    danimaltron

    I'm sure many of you are sick of seeing these threads. However, I did do my research and tried many different things. I also double and triple checked my config.

    I have a NAS computer sitting behind my router, which hosts FTP, DAAP and can be accessed via SSH as well. I had a Dlink DIR-825 a few days ago, and had a simple port forward for FTP and DAAP to this machine, and it worked perfect. I could access it from the WAN (from work) easily, using my Dynamic DNS.


    - Asus RT-N16
    - tomato-K26USB-1.27.9047MIPSR2-beta16-Ext.rar
    - Yes, I cleared the NVRAM using the "thorough" method after upgrading

    Here is a run down of what I'm doing:

    • Trying to access FTP or DAAP (port 3689) remotely
    • Using DynDNS. Have it set up in Tomato and it says it has authenticated properly, and has been updated recently. If I turn ICMP returns on, I can indeed ping my router on the DynDNS and get a response.
    • NAS computer has a static IP. I am not using static DHCP either. Just configured the computer to use a static IP
    • Accessing FTP using Transmit (Mac) and trying to access DAAP using Sonbird + DAAP client plugin (Mac)
    • All of this worked on my dlink a couple of days ago. I am now attempting to mirror the config in Tomato, but having troubles

    I have tried enabling and disabling UPNP. I have tried changing NAT Loopback to All, Forward Only and Disable. I have made double and triple sure my rules are correct.

    Everything I try makes no difference. I try to connect from outside world, and something is blocking it.

    Interestingly, I can access my routers GUI from the outside world (work) using the DynDNS address on port 8080.

    Attached is a screenshot of my rules.

    Note: All of these services work from the LAN. I can connect to the DAAP locally. I can SSH into the box locally. And I can connect to the FTP locally.

    Second Note: After swapping in this router w/ Tomato, I seemingly have problems with Bonjour. I have AFP shares on my NAS, and they are advertised via Bonjour which makes them show up in Finder on my mac automatically. This worked perfectly when using my dlink. As soon as the NAS computer booted up, it showed up right away. Now it doesn't, even with UPNP and NAT PMP enabled. When I reboot the router, it will sometimes show up in Finder for a second, but as soon as I try to connect, it disappears. I can connect directly via IP address in Finder, but it never shows up properly in finder as a shared drive. This also means it does not show up in iTunes as a shared DAAP server, which is also advertised via Bonjour.

    Really hoping to get some help here. Thanks

    Attached Files:

  mstombs

    mstombs

    What type of modem do you have and what is its local lan address
  danimaltron

    danimaltron

    I have a motorolla surfboard, from Shaw Cable in BC, Canada.

    I am not at home right now, but I know it is very similar to work where I also have Shaw service. For example:

    IP Address : (public IP, assigned to router from modem)
    Default Gateway : (I assume this is the local modem IP, or maybe the ISP's gateway. Not sure)

    I don't believe the modem has any sort of firewall. I made sure to get just the plain modem. This also worked fine before swapping routers as I mentioned.
  danimaltron

    danimaltron

    Also wanted to mention that I upgrades the firmware to Beta16. This seemed to resolve the Bonjour issues I was having. But Port forwarding still seems to be an issue.

    Another possibility is that I'm having trouble connecting FROM work. However, I can connect to many different FTP servers from here. So outgoing FTP is not blocked or anything, and I am using business class services.
  teddy_bear

    teddy_bear

    Did it work for you in previous builds, beta 11 and earlier?

    Beta 16 still has an experimentral addition - Broadcom "fast nat" module. Although I don't have any port-forwarding issues with it, I believe it very well might be the reason for soome problems. I'm now looking deeper into its code (this is the part of the Broadcom SDK that comes with sources, unlike their new conntrack module, or the driver itself), and oh boy - that's one of the crappiest code I've ever seen ;(... Looks more like the code from Asus junior developers rather than the rest of the Broadcom SDK that deals with the hardware...

    Anyway, give beta 11 a try if you have not tried it yet. As for the FTP access, make sure you don't enable built-in FTP if you're using another FTP server on your network. You may also try to toggle the checkbox for FTP Conntrack Helper in the GUI.
  danimaltron

    danimaltron

    Sorry, I looked around, but I can only find download links for Beta16 now in SourceForge. Where can I download Beta11 for my RT-N16?
  mstombs

    mstombs

    In sourceforge - look under the icon for "Rotten"
