| reply to msj
Re: Actiontec 701 Port Forwarding I uninstalled Quick Care. When I ran LSPFix.exe I got the following.
mswsock.dll Tcpip
winrnr.dll NTDS
rsvpsp.dll (Protocol handler)
no changes were made when I hit Finish.
I'm not sure what you mean by Connect To or Show All Connections, but when I go into Network Connections. Local Area Connection 2 says "Connected Actiontec Gateway" No firewall or lock symbol.
Under properties, I have the following listed.
Client for Microsoft Networks
Deterministic Network Enhancer
File and Printer Sharing for Microsoft Networks
QoS Packet Scheduler
Network Monitor Driver
Internet Protocol (TCP/IP)
Only TCP/IP filtering is listed under Options.
Under filtering Enable TCP/IP Filtering (All adapter) IS checked off. I've set it to OFF (not checked) There were no ports listed, just grayed out.
I only have Microsoft Windows Security Alerts in red with an X inside the icon. No other services are running.
I've got no programs listed that I can see that might effect this. Remember this computer got a complete reinstall after the old hard drive died. I've not installed any kind of antivirus software, firewalls etc..
I do have a VPN client to connect to our corporate network. But I only run it if I need to connect, I've not run it in the last month. Also, if I do run it, I must enter my login and passwod if I surf the net via Explorer. So it's quite obvious when I do run it. The VPN client is by Cisco Systems.
C:\Documents and Settings\mdamberger>route print
===========================================================================
Interface List
0x1 ........................... MS TCP Loopback interface
0x10003 ...00 0f b3 74 aa 6b ...... Actiontec Gateway - Packet Scheduler Minipor
t
===========================================================================
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.3 30
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1 1
192.168.0.0 255.255.255.0 192.168.0.3 192.168.0.3 30
192.168.0.3 255.255.255.255 127.0.0.1 127.0.0.1 30
192.168.0.255 255.255.255.255 192.168.0.3 192.168.0.3 30
224.0.0.0 240.0.0.0 192.168.0.3 192.168.0.3 30
255.255.255.255 255.255.255.255 192.168.0.3 192.168.0.3 1
Default Gateway: 192.168.0.1
===========================================================================
Persistent Routes:
None
The computer I have is a HP Omnibook 6000 PIII 650MHz. The install was a Microsoft XP Pro disk. |
|
| I went back in and ran in safe mode with networking. I was able to ping my PC from inside the DSL modem at 192.168.0.3. (I got nothing before) When I tried port 799 from canyouseeme.org I got back "connection refused". Not the timeout error I had been getting to that port. So it looks like port forwarding is working, because if I tried any other ports like 80 I got the timeout error. So some setting on the pc must be refusing to answer any ports. |
|
 msjPremium
join:2004-05-21
Fort Collins, CO
kudos:1
1 edit | reply to mdamberger
said by mdamberger:I do have a VPN client to connect to our corporate network. But I only run it if I need to connect, I've not run it in the last month. Also, if I do run it, I must enter my login and passwod if I surf the net via Explorer. So it's quite obvious when I do run it. The VPN client is by Cisco Systems. Ah, this is most likely the cause of your problem. The Cisco VPN client contains a firewall that can be enabled to run EVEN WHEN YOU ARE NOT RUNNING THE CLIENT, i.e. the firewall part of the client runs automatically when you boot the machine. Many distributions of the Cisco VPN client have this enabled by default.
So, to disable it, try this:
1) Open the Cisco VPN Client and select "Options". Uncheck the "Stateful Firewall (Always On)" option.
2) If you don't find this option, try selecting "Advanced Mode" from the Options menu.
If you still can't find the option, it doesn't mean that the firewall is not there. It's possible, if you got the client from your company, that they have disabled the ability to turn this option off. Try uninstalling the client for testing purposes.
Now try some of the previous tests (ping from the modem, port checks via www.canyouseeme.org). Hopefully it will work now (assuming there isn't yet a 3rd firewall lurking on your computer).
If port forwarding works then you need to come up with a more permanent solution. You don't want to connect your laptop to an external ISP without having any firewall in place. The problem is that the Cisco VPN client has known problems with Windows Firewall. There are some workarounds that work in some cases, but not always. For that reason many people use yet another 3rd party firewall that works with the Cisco VPN client (because the "Always On" part of the Cisco VPN firewall is very inflexible, i.e. you can't open selected ports). Anyway, for testing purposes while behind your Actiontec modem, you should be safe, but long term you need to either 1) Get the Cisco VPN to work with Windows Firewall 2) Get a 3rd party firewall that works with Cisco VPN, or 3) Manually enable and disable the firewall when you are in public (dangerous if you ever forget). |
|
| reply to kenjamin
Okay, so I just spent 3 hours fixing a problem only to discover that there was no problem. I thought I would post this because I wasn't aware of this.
When I tested my edonkey port forwarding, I did not have edonkey running.
So when I tested my port on canyouseeme it came up 'Connection refused'.
When I had edonkey running and tested the port it succeeded.
Maybe not on all configurations do you need this, but I discovered the hard way that in order to test if the port is open, have something that can recieve the incoming packets just to be sure...
Hope this helps.
-alan |
|
msjPremium
join:2004-05-21
Fort Collins, CO
kudos:1 | Yes, as I indicated in some of my previous posts, Connection Refused is a good thing, i.e. it indicates that the port is being forwarded to the PC, but the PC is refusing the connection because no application is listening. If the port is not being forwarded properly, or you have a firewall in the way you will get "Connection Timed Out".
I should also note that this is only true for TCP connections. www.canyouseeme.org only tests TCP connections. I'm not sure if there are any UDP connection tests, and if there are then the behaviour will be a little different. So, if you want to get UDP port forwarding to work I would first just set up a random TCP port for port forwarding, because most of the problems that you will encounter will be the same for TCP and for UDP. Once you get the TCP test to work, then you should be able to simply set up a UDP forward and have it work. |
|
msjPremium
join:2004-05-21
Fort Collins, CO
kudos:1 | reply to mdamberger
mdamberger, I was just wondering if the Cisco VPN client firewall was what was causing your problem, and if you were able to get things to work. |
|
| Yes, the problem WAS the Cisco VPN dial-er. It does have a option for Firewall on/off. But turning it off is disabled. So I went into Services in Administrative Tools and changed the Cisco Systems to Manual Start up. At this point I should probably turn on Windows Firewall and add the ports Im using. But your saying Cisco VPN's don't work well with Windows. So if I want to use it I'll need to turn off Windows Firewall and let the VPN Firewall back on while I use it. |
|
| reply to dumberdrummer
I am completely new at this so i dont even know what to put int the ip address box or the Protocol one. Mine shows...
IP Port Range Protocol IP Address
???? to ????
Do you put the IP Adress in that it says you have on »www.canyouseeme.org? |
|
 CNUTZDeez Nutz?Premium
join:2002-08-16
Des Moines, IA
1 edit | The IP address you put in the port forward config area would be your local LAN IP address of the computer you want the port forwarded to. You can get that by opening a command prompt on the computer you want the port forwarded too and typing ipconfig then enter. The IP address will appear there. As far as the protocol, you will have to reference the program setup instructions for that info. It should tell you what port and protocols need forwarded for that program to function correctly.
--
»www.fraghaus.com |
|
|
|
| reply to msj
I am having problems with port forwarding on the actiontec also. i have tried everything even updating the firmware. I am setting up ssh forwarding. No mater what I get connection refused when I try to ssh into my linux box through the modem. This modem seems to bar all incoming connection no matter what. I went to the advanced and set up port forwarding both udp and tcp for ports 20-25. I am also tried the dmz option. Same crap. I had the port fowarding working fine before with a cable modem and a linksys router. This actiontec is a piece of crap. Is there any way to make port fowarding work. Does anyone in the world have it working for incoming ssh connections. If so I would love to know how you did it. Otherwise is there another modem that I can use with quest? |
|
msjPremium
join:2004-05-21
Fort Collins, CO
kudos:1 | Yes, I have ssh (port 22 tcp) forwarding working just fine to my Linux server. I haven't done anything special that hasn't already been mentioned in this thread.
When you say you test it "through the modem" are you actually doing it from an external site, or are you trying to test it from inside your network?
I assume you have tried to ssh into your linux box directly from inside your network, just to validate that you have sshd setup correctly?
What does www.canyouseeme.org report for port 22 (using any machine inside your network).
Is qwest your ISP, or are you using a different ISP? |
|
