Topic: Port forwarding doesn't open ports - still blocked by fw

[mackayr]

I'm trying to use port forwarding to access computers on my lan.  However, the ports are still being blocked by fireall (using nmap scan they don't appear in the list of open ports).

Any suggestions?

[NickR]

How are you running NMAP?  The scan initiated from the server manager will only scan 127.0.0.1 & that won't show any port-forwards.

Port forwarding does work, I use it all the time.

[mackayr]

Nick,

I have a second pc on my lan (a Linux pc) and did the nmap from there.
"nmap 192.168.0.1"

What I'm trying to do, for example, is set up the sme server to forward requests to port 10080 to port 80 on another computer on my lan.

It doesn't appear to be working.  I just did a scan using www.grc.com and actually the forwarded port IS open after all (nmap must only scan the lower 1024).

However, it doesn't appear to be working.  Any ideas?

Rob

[NickR]

Ah, I think you may be trying to do something that port-forwarding isn't designed to do.  
What it does do is forward a port on the external (WAN) interface to a nominated host & port on the LAN.  You need to be checking that it works from another external host (eg on a dialup connection).

NMAP can scan any port or port range if given the correct switches.  
Read the man page here: http://www.insecure.org/nmap/data/nmap_manpage.html
Look at the -P switches.

[mackayr]

Nick

You're absolutely correct!  Thanks!  I tried to access it remotely, and it works fine.

I'm going to post another issue I'm having with PhpFileExchange.  I can access it properly from my lan by setting up "www.home" in config.php.  However, I can't seem to access it remotely (really remotely this time).  I have a dynamic ip but have set up dynamic hosting through dyndns.org.  Any idea's on why this wouldn't work?  I can access the server, but it goes into some kind of loop and will not load the login screen.