TPG Community

Get online support

Port Forwarding the Archer VR1600v

gogreenpower
Level 3

Hi Guys,

I have setup my port forwarding rules as per the guide and I can't get anything to open. 

 

If I enable/disable USB Sharing over ftp, I can see that port 21 opens and closes. 

 

30 REPLIES 30
david64
Level 15

Hi gogreenpower.

How do you check if the ports are open or not?

Out of interest, which ports are you trying to open?

Have you made an ip reservation for the computer on the local lan?

gogreenpower
Level 3

hi David,

 

I have checked the ports via port checking websites and physically trying to use them.

I have all devices setup with static IPs on my LAN

I have port forwarded them as recommended.

 

I have just had a call from TPG and he asked to factory reset the router. I done that, set everything back up and still no luck.

 

I want to forward ports 22, 3389. 3390, 8096, 9091, 50001. I had 3389 working prior to the factory reset, now that has gone as well.

 

Gonna have to jump ship if this isn't possible.

david64
Level 15

Hi gogreenpower.

When you use the port checking websites, are you using the correct external ip address of your connection? This should be the one shown by the router and also shows up on the speed test result.

In the port forwarding rules, are you specifying TCP or UDP as required for each port (specify both to be sure).

On the computer with the ports, check they are really open. In command window:

netstat -an

Check that the TCP/UDP ports are "listening".

Check it really is the local address you are expecting with     ipconfig     command.

Do you have a second computer apart from the one where you are forwarding ports to? On this second one, can you telnet to the ports? Ping it first to check connectivity. Then:

telnet 192.168.1.x 22

This tries to connect to port 22 on the server computer (with last digit x, the reserved local address).

gogreenpower
Level 3

Port checking is done with the IP from the router, and confirmed by whatsmyip.com.

 

the router is set to TCP and UDP (ALL)

 

netstat -an

Windows 10

TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING 

 

Linux

tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN

tcp 0 0 0.0.0.0:9091 0.0.0.0:* LISTEN

tcp 0 0 0.0.0.0:50001 0.0.0.0:* LISTEN

 

ipconfig confirms static ips reserved.

 

Ping and telnet are successful 

gogreenpower
Level 3

like before port 3389 is now open. the others remain closed

 

gogreenpower
Level 3
Host is up.
PORT STATE SERVICE
20/tcp filtered ftp-data
21/tcp filtered ftp
22/tcp filtered ssh
23/tcp filtered telnet
24/tcp filtered priv-mail
25/tcp filtered smtp

 

"A port is marked as "filtered" when the packets are sent to that port, however packet filtering (e.g., firewall) prevents the packets from reaching that port."

gogreenpower
Level 3
PORT     STATE    SERVICE
3385/tcp filtered qnxnetman
3386/tcp filtered gprs-data
3387/tcp filtered backroomnet
3388/tcp filtered cbserver
3389/tcp open ms-wbt-server
3390/tcp filtered dsc

 

If a port is "open" then it means TCP connections are being accepted on that port or there is some UDP or SCTP associations on that port.

Shane
Moderator

Hi @gogreenpower,

 

 

Our security teams have recently identified some potentially suspicious activity relating to the VOIP phone settings of a small number of customers.  Our security teams took pro-active steps to inhibit the activity by blocking the use of some ports on customer modems. It is likely that the port forwarding that you're trying to accomplish was affected by the action of our security team. We recommend to change the default ports to any port number from 30000 to 40000 and let us know how it will go.

 

Cheers!

 

 

PORT STATE SERVICE 3385/tcp filtered qnxnetman 3386/tcp filtered gprs-data 3387/tcp filtered backroomnet 3388/tcp filtered cbserver 3389/tcp open ms-wbt-server 3390/tcp filtered dsc

 

If a port is "open" then it means TCP connections are being accepted on that port or there is some UDP or SCTP associations on that port.

david64
Level 15

Hi Shane.

The security team should be able to give more info on what ports were blocked and which users (the whole 700,000?).

Generally, these applications can't have their port numbers changed. Ports 22 and 3389 are nothing to do with VOIP.