Port forwarding problems.

[liangan 1]

Hey all, my problem sounds identical to a lot of the ones I've read here, and I've tried the suggested solutions, but nothing's panned out so far.

I have connected to Air VPN through my router (Tomato firmware on an Asus RT-N12). This same device updates DDNS whenever I hop on to reflect whatever new outside IP I may have.

I am forwarding five ports through my Air VPN settings, and have tried applying the suggested iptables entries through the firewall scripts chunk of Tomato (i.e., iptables -t nat -I PREROUTING -i tun11 -p tcp --dport 123 -j DNAT --to-destination 192.168.blah.blah ).

Some of the ports seem to be forwarding as they should (torrents are going at a good clip, etc.). However, there doesn't seem to be any way to access the NAS services from outside. I've tried (one at a time, going back to standard afterwards where applicable)

updating the DDNS to make sure the webpage is pointing at the right address,

accessing the page more directly via [external IP address]:port version,

changing the PREROUTING destination to the particular port in use (i.e. -- to-destination 192.168.blah.blah:port),

matched the external ports being forwarded through AirVPN to the ports used by the device,

restarting the device,

restarting the router,

etc. Everything comes up 400 Bad Request errors.

Any ideas? I've been trying to figure it out for hours and coming up empty handed.

[liangan 1]

Alright, fixed what I could and kludged the rest. One last thing that isn't working, and for no reason that I can discern:

I'm forwarding two ports: 7602 and 7603. Both seemed to be working last night, now only 7602 is.

Current firewall rules:

iptables -t nat -I PREROUTING -i tun11 -p tcp --dport 7602 -j DNAT --to-destination 192.168.xx.xx

iptables -t nat -I PREROUTING -i tun11 -p udp --dport 7603 -j DNAT --to-destination 192.168.xx.xx

iptables -t nat -I PREROUTING -i tun11 -p tcp --dport 7603 -j DNAT --to-destination 192.168.xx.xx

I checked it with iptables -L -vt nat to make sure it wasn't a router problem and got the following (in relevant part):

Chain PREROUTING (policy ACCEPT 769 packets, 107K bytes)

pkts bytes target prot opt in out source destination

5 300 DNAT tcp -- tun11 any anywhere anywhere tcp dpt:7603 to:192.168.xx.xx

363 48663 DNAT udp -- tun11 any anywhere anywhere udp dpt:7603 to:192.168.xx.xx

15 840 DNAT tcp -- tun11 any anywhere anywhere tcp dpt:7602 to:192.168.xx.xx

7602 checks out on both canyouseeme.org and airvpn's port forwarding test, while 7603 fails (Reason: Connection refused).

Any ideas?

[liangan 1]

Making one last reply to try to get some kind of response. I don't think I'll renew my subscription without resolving this issue, and I don't see being able to resolve it without a hand.

[Guest]

Hello Guys i think that Simple Port Forwarding workswith webPages and not straight with your wireless router. Creating it a secure system to use. Its no different than using browser, IE or any other web browser to create port forwarding .The system performs by automating the procedure for you. Thanks a lot!!