TPG Community

Get online support

Port forwarding on HG659 not working

sleepless3922
Level 2

Hi @Mc_Gerald,

 

should i have the loan router or the original router plugged in when they call?

 

Thanks

Riezl
Moderator

Hi @sleepless3922,

 

Please have the loan router connected so we can check if it will resolve the porting issue.

 

Please expect a call from our Technical Team around 10am today.

 

Thank you.

sleepless3922
Level 2

Hi there,

 

I received a call and gave the same information that I have previously given so for the sake of possibly investigating this and passing this on to another team to look at, this is what has been done:

 

1. tried to port forward with teh H659 router without success.

2. I plugged in another NBN router, configured it and then attempted to port forward on that. No success

3. I have plugged in the loan router and attempted to port forward with that. No success

 

note: to check that the ports are open, i create the rule and then go to canyouseeme.org and scan the appropriate port. Tested on ports 80, 21,8080, 8000, 3339.

 

Three routers and none of them could forward the ports to the server. The server has no firewall running, and I have disabled the firewall on the router and still nothing.

 

I hope that this helps.

cheers

sleepless3922

sleepless3922
Level 2

Hi guys,

 

the new username that I was given to put into the loan router didn't make a difference. I've found the following since then. When i put my router back on the connection and set a machine to DMZ, some of the ports open but none of the custom ones that I need. 

 

Should i send the loan router back? It says I have 2 weeks to return it or I'll get charged for it.

 

Please let me know.

 

Thanks

Riezl
Moderator

Hi @sleepless3922, thanks for letting us know.

 

Have you tried checking the firewall configuration on your server?

 

We have tested the Port Forwarding feature on the Huawaei HG659 Modem and we are unable to find any issue. Thus, we have provided a Loan Modem for comparative testing and allow you to use a test account to rule out any possible modem issue.

 

We'll forward your message to our Technical Team to check what else can be done.

 

With regard to the loan modem, you need to return it on or before 09/March/2018.

sleepless3922
Level 2

Hey all,

 

Might as well close this one off. I've just had to DMZ a server and then do some fun stuff to use OpenVPN via a standard port and then a few other things to get the access to work.

 

All good for now.

 

Cheers

sleepless

3n4nicaTOR
Level 2

I had exactly the same problem, I'm a HFC NBN user with VOIP.

To troublshoot:
You could enable either http or https remote access and both ports could be checked as being open by using internet based services for that purpose. Then turn remote access off and all 65000 ports are closed again. So it proves it can open ports to the internet.

 

Use these tools or similar to check. I also had a dynamic DNS hostname to use (no issue).
http://www.ipfingerprints.com and http://www.whatsmyip.org/port-scanner/ are both good and reliable.

I moved on to configuring the port forwarding rules (or Virtual Server in Tp-Link speak). No matter what port I selected and tested - for port forwarding, it simply wouldn't work. TPG Support were hopeless or to be more acurate were actively looking for an exuse to say "its what we consider an advanced option so we cant help you". They constantly failed to understand the technology in play and kept trying to send me to vendor sites so I could find my own solution to the routers they provide (as you have no consumer choice). They sent out 2 replacement HG659 units and guess what? Same problem..no Port Forwarding. Then they suggested they send me a new model, which is the TP-Link modem which is being provided to new NBN customers, with this new firmware [Version:0.1.0 0.9.1 v5006.0 Build 170630 Rel.49402n] pre installed. Guess what? Same problem..no Port Forwarding.

 

This leads me to dedcue the problem isn't on the router at all. So I looked through what was working and decided to try DMZ which is basicaly an option opening up all ports and forwarding them to a machine inside my LAN. *This inst something you should do lightly becasue you have to then secure that machine properly.

I configured the DMZ anyway and save the configuration....only to be met by this error.

 

Error Code: 4631
The current settings confict with the Internet access of CWMP service.

 

This error is thrown by the CWMP Service...which this router provides no management options to turn off. TPG use this to magically configure the modem when you plug it in and when they need to run diagnostics (supposedly). So its either the CWMP service on my router/modem which is causing the constant issue or the configuration of the CWMP server its talking too; which is sending the wrong configuration to my router/modem. So this was another dead end for functionality but fruitful in providing usefull information that perhaps someone at TPG could actually investigate?

 

I kept looking and could see that UPNP was working just fine. Maybe there was a simple way to get UPNP to configure the illusive port forwarding functionality that eludes TPG?

 

Guess what there is and it works on any router/modem that supports UPNP.


Even the HG659 Smiley Happy   

 

SOLUTION/WORKAROUND for both HG659 & TP-LINK routers

1. Make sure the router/mdem has UNP turned on. To flush the settings simply turn the UPNP service off and on again.
You will see any currently (or active) mapped ports displayed in a list as applications request them. This is how games/skype/etc can be played behind the same router with unique communication paths.
You can do the same using a simple utilty.

 

2. Choose a software solution that will be used to remotely tell the router/modem to map the required ports.

WIndows:
UPnP Wizard (free)
Albertino Port Mapper (free)

 

Linux: Configure the UPNP-router-command package or something similar (requires desktop) or configure another package which offers commandline support. You will need ot know what you are trying to achieve to select this path, but as with all things linux it will require the least maintenance by you in the future. Set and forget.

I choose to use "UPnP WIzard" for this exmaple.

a) Start "UPnP Wizard" (after extracting it to a folder - no install required).
I will immediately talk to your gateway router and retrieve the current list of application mapped ports. You just need to find one which isnt configured or in use already.

b) Pick a number between 1-65000 to use for the port which will received incoming reques/traffic from the internet.

Lets use 22
Check the stautus from the internet of the port.

 

Host is up.
PORT STATE SERVICE
22/tcp filtered opequus-server

"filtered" means its block by a firewall (currently)

 

c) using "UPnP Wizard", click the + button and add your port forwarding configuration.


Name = enter something meaningful like "NASSSH"
externel port = 22 < can be any number betweeen 1-65000
internal port = 22 < can be any number betweeen 1-65000
internal port = 192.168.1.00

 

"UPnP Wizard", Click OK. That's it. No reboot of any device needed.This is dynamic or realtime.

Check the status of the port from the internet and from TPG's router/modem page for UNP.

 

Host is up (0.36s latency).
PORT STATE SERVICE
22/tcp open opequus-server

 

No rebooting of the router/modem is required at any stage!


The configuration will last until the router is rebooted or you delete the port mapping in "UPnP WIzard.
Simlply leave the app running for piece of mind or at least have a shortcut to it if needed.

 

Happy port forwarding. Hope this saves some pain.