Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


208 posts

Master Geek


Topic # 88332 14-Aug-2011 00:35
Send private message

Hi,

Sorry if this has already been addressed elsewhere. Pointers welcome.

I was wondering if inbound TCP ports are 'allowed' via Dynamic DNS through the Telecom NZ broadband service.

Currently my NAS is correctly determining the Dynamic DNS of the Telecom modem interface, so that part works.

I had/have a Linksys WAG120N and service with another provider and the connection works on Dynamic DNS TCP port 50001.

Given I've had a Thomson TG585 v8 for a few hours now, I'm wondering if the same is possible with Telecom NZ broadband and the TG585 v8 modem.

Just thought I should ask before I start messing with port addressing and/or swapping modem/routers around. Smile

At the moment I'm thinking inbound ports are being blocked by the ISP (Telecom NZ)

Thanks for any advise.


Create new topic
600 posts

Ultimate Geek
+1 received by user: 5

Trusted

  Reply # 506162 14-Aug-2011 07:51
Send private message

Tom_Rush: Hi,

Sorry if this has already been addressed elsewhere. Pointers welcome.

I was wondering if inbound TCP ports are 'allowed' via Dynamic DNS through the Telecom NZ broadband service.

Currently my NAS is correctly determining the Dynamic DNS of the Telecom modem interface, so that part works.

I had/have a Linksys WAG120N and service with another provider and the connection works on Dynamic DNS TCP port 50001.

Given I've had a Thomson TG585 v8 for a few hours now, I'm wondering if the same is possible with Telecom NZ broadband and the TG585 v8 modem.

Just thought I should ask before I start messing with port addressing and/or swapping modem/routers around. Smile

At the moment I'm thinking inbound ports are being blocked by the ISP (Telecom NZ)

Thanks for any advise.



Hi Tom,

Dynamic DNS isn't used to modify the port forwarding on your router.  That is typically done using UPnP.  DDNS is used when you have a domain name, and want to point the domain name at your IP address which changes.  For example, if you wanted to run a web server on your DSL line, but didn't want to pay for a static IP address, you would buy a DDNS service.

Since you mention port 50001, I'm guessing Bittorrent.

UPnP support depends on the client and the router.  I believe that uTorrent and Vuze both support UPnP, and it appears that both those routers support the protocol as well (Google says it is so).  Both clients have a "test" mode which will tell you if the router is playing nice.  If it isn't, you can always configure a static port forward rule.

One thing that might be happening is that many ISPs will throttle the common bittorrent ports, if you shift to a less common one (World of Warcraft's for example), you will avoid that throttling.

However, based on my experience, UPnP should "just work".

http://en.wikipedia.org/wiki/Dynamic_DNS
http://en.wikipedia.org/wiki/Upnp
 

Careful with bittorrent though, the 3 strikes legislation's data collection period has started. 






208 posts

Master Geek


  Reply # 506205 14-Aug-2011 11:31
Send private message

Thank you jpollock for your reply.

Sorry I didn't explain myself very well.

I'm talking about establishing a DDNS (DynDNS). Which I have done and the NAS sees the Telecom NZ dynamic IP address. All good.

That done, I want to establish port forwarding using that dynamic IP address, for example using TCP port 8080 or another TCP port for HTTPS from public IP addresses on the Internet. This will then give me access to my NAS from the Internet. (VPN is end goal when I get it configured on my NAS)

I chose TCP port 50001 as it is out of the range of any 'well known' ports, basically just to test the connection works. I did try 8080 and 80 too, just in case I was outside of a TCP/UDP port range and thus being block if Telecom NZ is firewalling inbound connections ?????

Using an Internet sourced public address (not local LAN) one can then test the connectivity and see if the port (connection) can be established or if it's still being blocked.

The only reason I'm doing this is cause I don't have a VPN server on my NAS....yet.

Which means someone may be able to head off the next post if they're happy that VPN tunnels (OpenVPN TCP/UDP port 1194) is supported through the Telecom broadband network. AND even better if they've tunnelled through a Telecom  TG585 V8 modem/router.

I'm using the Telecom NZ TG585 V8 modem/router cause.... it's free, as I have a Linksys E4200 router and other routers supporting my LAN behind the Telecom TG585 V8 modem/router.

I have set the Telecom jobbie up as a 2 host link to the E4200 and configured the TG585 WiFi (which will normally be disabled - 65Kbps 802.11n is a nice touch) on another 126 host LAN (with DHCP) in case I need a quick pre-configured pop out of my local network, thus bypassing my internal routers/network. (Impressed the TG585 V8 supports multiple sub-networks on the LAN)

So as you can see, I'm effectively only using the Telecom TG585 V8 to tunnel/route/port forward through to get to my LAN. After all it was free and I might as well make use of it if it's up to the job.

 

2445 posts

Uber Geek
+1 received by user: 146


  Reply # 506228 14-Aug-2011 12:56
Send private message

Dynamic DNS and port forwarding are two completely different things.

It sounds like you might be doing double NAT. You need to get rid of that and use PPP forwarding/(half) bridge mode to one of your other routers so that port forwarding will work properly.

Goto dyndns.com and sign up for a free dyndns subdomain, you can then use that to get to your router/LAN from outside of it.
Then setup port forwarding to the LAN IP that your NAS is on.



208 posts

Master Geek


  Reply # 506262 14-Aug-2011 14:27
Send private message

I must not be very good at explaining things. Smile

Yes effectively I'm attempting to Network Address Translation (NAT) an address from the Public IP address space to the Private IP address space.

So simple explanation.

I have a Network Attached Storage (NAS) box.

I want to connect to my NAS box from the Internet.

The Internet has 'public' IP addresses which for the most are static.

I have an ISP broadband connection provided by Telecom NZ which gives me a Dynamic 'public' IP address that may or may not remain the same for some time.

My local LAN addresses are in the 'private' IP Address space 10.0.0.0 for augment sake.

I know about Dynamic Domain Name Service (DDNS)  that part works.

So lets forget about DDNS for the moment.

Is it possible to connect to myNas.dynDNS-home.com:8080 ?????? via the Telecom NZ broadband network and/also using a Telecom TG585 V8 ?????

I've set up 8080 in the 'New Game or Application' menu of the TG585 and assigned it to my LAN (Ethernet) port.

My Linksys E4200 router 'maps' the TCP port 8080 to the IP address of the NAS box which completes the 'pipe'.

This should effectively 'map' the 'public' IP address 122.59.1.1:8080 to the private IP address of 10.0.1.1:8080

BUT it doesn't. It's telling me access denied. Which indicates this is being blocked somewhere...Telecom NZ??????

I haven't used a TG585 modem/router before so I'm not 100% I'm correctly dotting all the i's and crossing all the t's when it comes to NAT/PAT with this device.

And YES I was using Port Address Translation (PAT) before too. But attempting to keep it simple at the moment by just using NAT.

On the face of it the Telecom NZ TG8585 looks like it should be able to do NAT.








 

2445 posts

Uber Geek
+1 received by user: 146


  Reply # 506264 14-Aug-2011 14:34
Send private message

Are you actually doing double NAT? I've seen problems with port forwarding not working too well (For whatever reason) through double NAT, even if setup "correctly".

Assuming you're doing double NAT:
Are you forwording port 8080 on the WAN side from your TG585 to the private IP of the linksys E4200 (Which is connected via the WAN port on the E4200 to the TG585?) which is then NATting into your internal LAN?
Is the linksys getting a different subnetted IP from the TG585 that is different from what it's handing out to your LAN?



208 posts

Master Geek


  Reply # 506294 14-Aug-2011 15:14
Send private message

Telecom NZ IP (122.59.1.1)-> TG585 V8 ->(192.168.16.252/30)-> Linksys E4200 (10.0.1.0/24) ->NAS (10.0.1.1)

Not had any problems with big iron Cisco and no problems with the Linksys bottom dewellers.

Guess I could rip my TG585 out of service and bench test it if nobody has an external connection into their private network and knows what works or doesn't work. Just trying to look for the simple answers first.

Did have

Vodafone NZ - > WinXP SP3(Laptop) -> Linksys WAG120N -> Linksys E4200 -> NAS

Don't ask, but yes, that worked fine, even with the added complication of having a MS firewall in the mix.





208 posts

Master Geek


Reply # 506344 14-Aug-2011 17:44
Send private message

Ah poo!!!

The TG585 is giving me gib.

Early days, but the inbound IP address (and port) neatly wrapped in a slice of DDNS is not being block by Telecom NZ. This is good news.

But indications are that the TG585's forte may not be NAT. Bless.

Anyway, now having the right questions I may be able to find an answer.

Thanks to Kyhwana2 for prompting at bit more thinking on the subject.




208 posts

Master Geek


Reply # 506692 15-Aug-2011 11:58
Send private message

OK Plan D seems to work.

Which is like plan B and C expect without the Access Control List (ACL) errors/exclusions and remote management port conflict.

The Telecom NZ TG585 V8 has been redeemed.. for now. Laughing

I am passing TCP port 8080 from a public IP via Telecom NZ broadband, through the TG585 V8 modem/router, then through a Linksys E4200 router and then connecting to my NAS.

Cause of joining the Telecom NZ massive, the day before yesterday I still had a few IP addresses not allowed which should have been allowed due to the cut over.

And cause in my pea like brain the only new thing was the TG585, I was fixating on it without extending my view wider.

As Kyhwana2 pointed out when doing multi-hop NAT'ing (or PAT) just be aware of the services provided on the transiting routers/servers. I found the TG585 liked the fact my Linksys E4200 router had a remote management port 8080 and decided that was a good place to stop. In a pure Linksys environment this was not an issuse.

By disabling and/or changing the Linksys remote management port the Telecom NZ TG585 was fine and forwarded the TCP port 8080 correctly.

So guess I can take it from here. Thanks to everyone that helped.






 

Create new topic

Twitter »

Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.