How to get port forwarding to work?

Discussion in 'Sveasoft Firmware' started by morpheus99, Mar 18, 2005.

  1. morpheus99

    morpheus99 Network Guru Member

    I have a problem getting port forwarding to work, it is probably something really simple but I haven't been able to get it to work.

    My setup is a "sip-spoofed" Thomson 510i modem/router and a WRT54GS v1.0 with Satori 4.0GS, the basic functionality works ( I can access the internet from wired as well as wireless).

    I've set up port forwarding (via the webinterface) to a PC with a fixed ip address of for the following ports, 20,21,22,80,3389, when I try to connect from the outside via telnet x.x.x.x portnumber xx or lynx I don't get connected.

    I tried a number of different settings:
    loopback disabled/enabled, no difference
    firewall disabled, this allowed me to connect however this got me connected to the WRT54GS and not to the PC on the inside.

    My guess is that I have to disable the firewall and setup IPTABLES to disable access to the WRT54GS (from the outside) and forward the necessary ports to the inside.

    Or can it be done in a different way, I don't understand why the regular forwarding doesn't work.
  2. t4thfavor

    t4thfavor Network Guru Member

    what are you actually trying here? to access 20,21,22,80,3389
    from internet away from home?

    if so many many isp's block traffic to all of those ports except 80 in order to force you to use a buisness line to have servers. you will have to reset the services to odd ports (out of normal ranges) and then try to connect by doing ipofhost:port# this should get you into the routed boxes..
    that should work.
    did you enable port 8080 as the remote login port?
    if so it will default to that(or 80) if entered into a browser.
    good luck.

    i know port 20 and 21 are for sure blocked. they dont want you to use more bandwidth than you absolutely have to
    bandwidth = money...
  3. morpheus99

    morpheus99 Network Guru Member

    It works now

    I have got it to work by making the following settings:

    loopback disabled

    no port forwarding via the webinterface

    ifconfig vlan1 netmask broadcast;route add dev vlan1;route add default gw

    iptables -I FORWARD -p tcp --dport 80 -d -j ACCEPT
    iptables -t nat -I PREROUTING -i vlan1 -p tcp --destination-port 80 -j DNAT --to-destination

    iptables -I FORWARD -p tcp --dport 21 -d -j ACCEPT
    iptables -t nat -I PREROUTING -i vlan1 -p tcp --destination-port 21 -j DNAT --to-destination

    iptables -I FORWARD -p tcp --dport 3389 -d -j ACCEPT
    iptables -t nat -I PREROUTING -i vlan1 -p tcp --destination-port 3389 -j DNAT --to-destination
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice