dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
6647
share rss forum feed

random12345

join:2010-06-14
Miami, FL

[DSL] Cannot Ping From Outside Network

I've had AT&T/Bellsouth for years since DSL was still relatively new to residential in the 90s. Never really any problems besides outtages here and there, and performance slowdowns. I have a strong IT background, and I do it for a living so its a little difficult to have to admit "defeat" in this.

Anyway- a few weeks ago I finally decided to set up a home server and a dyndns account to access my files/desktop while on the road. Everything worked perfectly as I wanted it to for about 2 weeks. Then, when I was going out of town, it stopped. Actually, the day I went out of town and got to the other side of the country is when it stopped.

I tried to remote desktop in, and I couldn't access it. I thought it might be down, so I tried pinging- Request timed out.

So, I contacted my friend who was watching my place and also knows very much about IT. He checked- everything up. IP address was correct. He did a power cycle on all the equipment. For about 2 hours we tried things and nothign worked until I gave up and decided to enjoy my vacation.

I got home, and started again on fixing this. I pinged from across the street! Nothing! Traces show it getting to the last hop every time, which I assume was the last router before my home, and then timing out after. I contacted AT&T to see if they had any new firewalls or rules put in place to restrict dynamic dns, or pinging, or anything- nope. AT&T tech suggested it was a bad modem because it was so old. So, I went out and purchased a new modem.

Its a Motorolla from best buy. Same cruddy interface as my old Westel, only this one allowed me to turn off the Firewall. I hooked it up, turned off the firewall and bam! Pinged from network-tools.com no problem! So, I set it up and turned on Bridged so my Dlink DIR-655 can take control. Back to a time out! I took it off and hooked it up to my Win7 laptop and allowed it to do the PPPoE connection. Still, no ping and timing out. I turned off my Win7 firewall, and noticed it turned it to a "public" network for some reason... set it to a Home network. Tried again - and bam! It pings!

So this is what currently works-
Ping when modem when it handles the PPPoE - 100% success, 0 packets lost.
Ping when Win7 laptop connected directly to modem. Modem set to Bridged, firewall turned off. Win7 set to Home network and handling the PPPoE connection.

Here is what does NOT work-
Ping when Dlink DIR-655 (fully updated firmware) is connected to modem. Modem is set to Bridged, Router handles PPPoE connection.

The method that does not work is the setup I have had for YEARS without a problem. I've always been able to ping in, always been able to hit my network from the outside, and all that fun. Now, as of a few weeks ago, I can't get in to the network at all. I can still surf and ping out, and do EVERYTHING outbound PERFECTLY fine like nothing is an issue. Its almost like theres an implicit deny somewhere, but there isn't. I double checked everything, and theres no rules on my router right now. I did a hard reset a few times and even kept it to bare settings just to get online. NOTHING!

I know that currently it has to be something within my own home network preventing a ping. But why? What all of a sudden changed that I can't ping? I've tried multiple systems, multiple resets, etc. Its a brand new modem, hard reset router (I have two actually, and have tried both seperately), no implicit denys or rules anywhere preventing it. It worked flawlessly for years, and the remoting worked for a few weeks before my network pretty much went invisible to the outside world.

Help!


sashwa
Premium,Mod
join:2001-01-29
Alcatraz
kudos:18
Let's try getting some help for you on this in our DLink forum.


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
reply to random12345
Being pingable or not has no bearing at all on being able to use any properly forwarded resource on your Home Network.

RD works even when ping doesn't. They are not tied together. Either can work or not work independently of the status of the other.
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?

random12345

join:2010-06-14
Miami, FL
Sorry I didn't clarify-
I can not RD either in its current state for some reason, but I was able to perfectly fine before. Everything went in/out as I planned prior, but now it only goes out. I can only go in from WAN-LAN when connected directly to the modem. As I said- this came out of the blue, and I have two DIR-655's I tried that are doing the exact same thing. Nothing was changed on the setup, and I even set everything to the complete defaults and turned off firewalls.

WAN -> Bridged Modem -> PPPoE Router -> Win7 w/ firewall OFF

Cannot ping, cannot RDP (with ports opened). I even attempted putting my system on the DMZ, and it didn't help either. I've basically opened my system up in every possible way, and bridged modem to pppoe on the router isn't allowing me to get INBOUND traffic. Its almost like theres a hidden implicit deny somewhere.

I also attempted turning on remote administration for my router, and I can't get through either.


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18

1 edit
Then it sounds like the Modem is getting your Public IP and dropping all incoming packets that are unsolicited (aka not in its outgoing NAT Table that LAN originated connections created).

You can use GRC.com's Shields Up page to check your status and what the WAN sees as your IP. Plus it can be used to find what is blocked and where it is happening.
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?

random12345

join:2010-06-14
Miami, FL
I did the Shield Up, and everything is stealth.

This is what's confusing me. I even went and turned EVERY firewall 100% OFF. I put my system on the router's DMZ. In the minimal interface of the modem, I made sure it was set to Bridged and the firewall is off. In PPPoE, I can ping just fine. In bridged, it won't.

As I said- everything was flawless and working fine. Out of the blue everythign went down. My personal web server, remote desktop, and a few other small services I had set up and were running without a hitch for a while. Passwords were changed often, and are very strong.

Unless ICMP is explicitly denied, I should be able to ping at the very least on a fresh reset router and modem. Theres nothing complex in any way set up on my network now. Its a bare minimum setup.

WAN -> Motorolla modem bridged w/ firewall OFF -> DLink Dir-655 dialing in with PPPoE w/ firewall OFF -> PC

Does NOT ping.

I have two DIR-655's. I have tried BOTH and both yield the same exact results. I can connect my Win7 PC directly to the modem and allow the PC to dial in with PPPoE, and it can ping that way.

What happened? I can't find anythign explicitly denying... I can't find anything I can turn on to explicitly allow that works. I even threw the PC on the DMZ of the router without results... I mean, that doesn't matter as its not an issue with not being able to see computers- I should be able to ping from the WAN to my IP, and the ROUTER should be replying. But its not.

So, theres something up with the NAT on the modem which is the only thing that sounds logical. Theres nowhere really to do that in the well designed interface (yes, thats sarcasm)... and also, why should that matter as I went YEARS on an OLD modem that worked fine... then out of the blue, I lost the ability to have inbound traffic. Then on a new modem, its doing the same thing?

Is it possible for there to be something up with my ISP (AT&T)?

My brain hurts.


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
said by random12345:

I did the Shield Up, and everything is stealth.

Is it possible for there to be something up with my ISP (AT&T)?

No, it is not your ISP.

Ping has nothing to do with being Stealthed. ICMP is not going to help or hurt you in regard to having the needed Ports properly opened/forwarded to accept inbound packets from the Internet to the correct PC on the LAN

What device has your Public IP? That is what is reporting as stealthed and needs reconfiguration/bridging so that only one NAT device has the Public IP and that device needs to be the same NAT device that is handing the LAN PCs so there are not multiple NAT devices that need port forwarding setup/performed in each of them.

PortForward.com says that "If you do not know exactly what you are doing or are having problems, Start Here. "
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?

random12345

join:2010-06-14
Miami, FL
See- thats the thing. My modem is bridged to my router. Router has the IP. Everything was perfectly fine for years. Nothing was changed. Out of the blue, it went "stealth." The router has the IP. I've always been able to ping the IP jsut fine until recently. The router IS the one with the IP, and displays everything connected just fine on the status with the public IP.

Forget Remote Desktop or open ports and anything on actual clients. Lets just focus on the ICMP packets to the router- nothing is denied in the router, and the modem has the firewall turned off (the only thing in this piece of garbage). Why can I not get a ping? What happened that out of the blue, I apparently need to start working with the NAT and many other things in the router/modem that has NEVER had to be done before?


Doctor Olds
I Need A Remedy For What's Ailing Me.
Premium,VIP
join:2001-04-19
1970 442 W30
kudos:18
said by random12345:

See- thats the thing. My modem is bridged to my router. Router has the IP.

What IP?

It should be the Public AT&T supplied IP and what is seen in the Router should match what is seen at »whatismyip.com/ If the IPs do not match, you are severely misconfigured.

Being pingable is controlled a setting in the Router. It will only work if the Router has the Public AT&T IP on the WAN Interface.




said by random12345:

Forget Remote Desktop or open ports and anything on actual clients. Lets just focus on the ICMP packets to the router- nothing is denied in the router, and the modem has the firewall turned off (the only thing in this piece of garbage). Why can I not get a ping? What happened that out of the blue, I apparently need to start working with the NAT and many other things in the router/modem that has NEVER had to be done before?
ICMP Echo (aka Ping) is unrelated to Port Forwarding. Until you understand that, it seems that you want ping to work regardless if anything else works. That is what I posted in the image above.

The Port Forwarding info is all available at »portforward.com/english/routers/···DIR-655/

HTH
--
What’s the point of owning a supercar if you can’t scare yourself stupid from time to time?

random12345

join:2010-06-14
Miami, FL
Ok,
I do appreciate your help. I really do. But really, you seem to be missing everything I've been typing. Lets assume this- lets assume I didn't bring up remote desktop once at all. Lets assume all I wanted to be able to do is ping my router from a computer out on the interhighways for fun.

You seem to be ignoring what I've said that I know IT- I work in IT. I am merely going through the basic troubleshooting process that every tech learns when they're a little beansprout starting on networking- CAN YOU PING IT? No? Ok- lets get to pinging it first before we go onto anything else!

That is my issue- I can't even ping. So why am I going to go onto port forwarding? I know how to port foward. You have also ignored the fact that I have had this set up for years without a problem.

You also tended to ignore that I said my router on PPPoE is providing the proper WAN IP (yep! even the one that the intersuperhighway's site, whatismyip.com is showing!).

Anyway, after doing some more investigating, I found out that my modem for some reason kept reseting back and turning the firewall and other poorly designed features in the poorly designed Motorolla system. I exchanged it, and its working as it should now.

I set my modem up by turning off all the firewalls, dhcps, etc. Turned it from PPPoE to bridged. My router was still at the exact same settings. Turned it all on/connected it all- bam. Online. network-tools.com, ping- immediately 100% success.

Awesome. Went back to setting up all the other ports and servers, and its back to the way it should be.

Thanks!