Topic: Please, help with portforwarding

[Grin]

Fresh install of SME7, wanted to replace Linksys router.

Server and Gateway mode, static external IP 123.45.67.8,  192.168.1.x  local network with static IPs.

I need just a simple port forwarding from 123.45.67.8:83 to 192.168.1.2:83, trying to use Portforwarding panel (TCP  83  192.168.1.2  83 ) with absolutely no success.

What puzzles me even more, forwarding from 123.45.67.8:83 to 123.45.67.7:83 works just fine.

[CharlieBrady]

I need just a simple port forwarding from 123.45.67.8:83 to 192.168.1.2:83, trying to use Portforwarding panel (TCP  83  192.168.1.2  83 ) with absolutely no success.

You can't test portforwarding to LAN addresses from the LAN.

[Grin]

You can't test portforwarding to LAN addresses from the LAN.

I've tested it from home computer (remote desktop).  I can see the incoming connection from my home IP in iptraf.  Seems that it is just dropped somewhere in iptables rules.

And IMO, forwarding should work even from LAN if I try the external IP:  'telnet 123.45.67.8 83'

[paquerette]

And IMO, forwarding should work even from LAN if I try the external IP: 'telnet 123.45.67.8 83'

I don't think so, requests probably hits different interface...

I've made these test to confirm :

PC1 : Tomcat WebServer running on 8080

Server/Gateway : port forwarding from 21 to PC1:8080


Tests :

on PC1, try http://Http://localhost:8080 => Ok (tomcat is running)
on PC1, try http://externalIp:21  => KO (unreachable server)
on Server/Gateway  try lynx http://Http://pc1:8080 => Ok
on Server/Gateway  try lynx http://externalIp:21  => KO (timeout)

on an another server outside the network reach by SSH
try lynx http://externalIp:21  
Success

I used port 21, because on this last server only a few port are allowed to go out.

So you should make your test from another connection (a friend may help)

I've no port forwarding issue with SME 7 (VLC stuff, or other software we can't talk here)

[CharlieBrady]

And IMO, forwarding should work even from LAN if I try the external IP:  'telnet 123.45.67.8 83'

Your opinion doesn't matter. It's just not possible. For port forwarding to work, the server must see the traffic in both directions. When the server forwards traffic coming from the LAN, the destination machine will reply directly to the sending machine and the server does not see the return traffic.

[Grin]

Your opinion doesn't matter. It's just not possible. For port forwarding to work, the server must see the traffic in both directions. When the server forwards traffic coming from the LAN, the destination machine will reply directly to the sending machine and the server does not see the return traffic.

Thanks for explanation. See, my opinion does matter - it has been corrected, that's what does matter to me

EDIT: And I see my problem now. Thanks again.

[Grin]

So you should make your test from another connection (a friend may help)

I've no port forwarding issue with SME 7 (VLC stuff, or other software we can't talk here)

My friends are Remte Desktop/VNC/SSH, so I check the connection from outside every time.

Thank you for the test - at least I know now that the problem is not in SME box.