TPG Community

Get online support

Port Forwarding the Archer VR1600v

gogreenpower
Level 3

so here are two tests done, 3389 is open and working, 3390 is closed, but I dont see either in the results.

gogreenpower
Level 3

have tested from different port checking sites, they all talk between port 443 and 50000+ something

david64
Master

Each trace shows your browser making 2 connections to that website on port 443 (https), sending data and closing. Nothing to see there.

Can you do each test again. For port 3389 test, make the filter:    tcp.port==3389     

and similarly for port 3390:   tcp.port==3390

Attach each screen shot.

Could you also attach the router screen showing the forwarding rules, where you have all the ports going to this computer.

 

gogreenpower
Level 3

the test with filter tcp.port==3390 was empty because I assume I have the rule redirecting it port 3389. So the results for 3390 are for a port scan on 3390 and a tcp.port==3389 filter on wireshark.

david64
Master

Change the rule to forward 3390 to 3390.
No need to test 3389 since you know it works.
Test each port one at a time. Set the filter to display the port being tested. You are looking to see that the SYN frame is captured for each port tested.
gogreenpower
Level 3
david64
Master

The network and router are passing 3389 and 3390 so the others will probably be ok.

You should get the two Windows computers set up in the router. Port 3389 goes to 3389 on the dot 130 computer. Port 3390 goes to port 3389 on the other computer.

Thing I hadn't thought about before was trying to access the same function on two computers (remote desktop on port 3389). This is why you are using port 3390. Router translates it to 3389 inbound to other computer and must also translate it the other way for outbound traffic (3389 back to 3390).

You can install wireshark on the other Windows computer and check each one receives the SYN frame when you test each port. Both should show as open.

MSTSC allows you to specify a port number on the remote computer; default is 3389 going to dot 130 computer; 3390 going to other computer.

You should fix the rules for the Linux ports so they go to the Linux computer. Were you able to telnet to them before? There is also a wireshark for Linux but I'm not familiar with it.

Once this is all working, you will have ip reservations and port forwarding settings. All that is lost if you do factory reset, and the config can't be saved anywhere. Write it all down.

 

gogreenpower
Level 3

I can telnet to the linux fine, LAN wise I can use port 22 and the others. They are running headless so not that easy to use wireshark. Just about had enough. I'm going to change the dot 100 ip as this is the first in the address range to something further down the list, the linux boxes are open as, nothing blocking in there.

gogreenpower
Level 3

nope, changing the ip address didnt do anything. I think at this point its a lost cause.

david64
Master

When you can, post the forwarding rules as they should be where the ports are forwarded to the correct computer. Also, the results from the port testing website.

Probably better to have the static addresses outside the dynamic pool. The router is dot 1; make the static addresses dot 2, dot 3, etc.