380.57 Possible port forwarding issue

[alex_mz]

I confirm. Port forwarding broken.
I forward rdp from external network to internal in server. Before update to last version. I can connect 10 times to rdp. and have 10 connects to server. After update i can 1 of 10 connects successfully.
Router AC56U. Firmware 380.57.
I see the same situation on rt-n16 in Oleg firmware. and when i install merlin firmware. problem fix.

 

[el pescador]

Ive had 3 Asus routers to date.
The RT56U
AC66U and now the AC88U.
Only the RT56U worked well with FIFA.
Could this problem be to do with changes made to chips or firmware since the original RT56U??

 

[kvic]

I briefly tried 380.57 on ac56u before. Throughputs in all scenarios are not as good as .55. CPU utilization is higher in general.

For me 55 (I skipped 56) is to stay until 38o branch matures a bit more.

 

[Soul--Reaver]

Asking me four times to "fix it for the next release" isn't going to achieve anything, as the NAT acceleration code is closed source, and only Broadcom has its source code.

It will be fixed whenever Broadcom fixes it, and passes on any fix to Asus.

I don't think NAT acceleration is the cause as it made no difference for me. But who knows so many things are often related

But also as i posted earlier i thought it to be unlikely you would be able to fix it because of the closed source stuff
Still waiting on when i will be able to test ASUS original firmware.

 

[makkie2002]

Hello,

Same issue here on n66u. Port forwarding code seems to be broken. Adding new port forwarding rules in the web interface doesn't have any effect. Removing a port forwarding rule seems to keeps that rule still active (although it has been removed from the list). It seems that the rules from the web interface are not properly "translated" in real forwarding in the router.

Very annoying issue.

UPDATE:

I checked via a SSH session to the router and indeed the iptables are not updated to reflect the changes done in the web-gui ... . I wonder why not more people have issues with this ...

 

[CapinWinky]

I just want to chime in that I recently upgraded from an RT-N16 with TomatoUSB (that served for several years) to RT-AC87R with Merlin 378.56_2 and I'm also having port-forwarding trouble. At first, it just flat didn't work, but after changing several settings and then changing them back it started, so I don't know if forcing variable creation helped or what. I still can't use port-forwarding from the LAN side; by that, I mean if I am connected on the LAN side and try to connect to <WAN_IP>:<ExternalPort> is doesn't work, but if I change to my phone hotspot it does.

I may also be having issues with my DDNS. I made a custom script on JFFS for DuckDNS using the code from here and it both fails to update DuckDNS and also continually logs a watchdog every minute:

Mar 1 00:36:54 watchdog: start ddns.
Mar 1 00:36:54 rc_service: watchdog 447:notify_rc start_ddns
Mar 1 00:36:54 custom script: Running /jffs/scripts/ddns-start (args: redacted)
Mar 1 00:37:24 watchdog: start ddns.
Mar 1 00:37:24 rc_service: watchdog 447:notify_rc start_ddns
Mar 1 00:37:24 custom script: Running /jffs/scripts/ddns-start (args: redacted)​

It's not like the script is super complicated, so I don't know what's up. I eventually commented out the entire script except the line:
/sbin/ddns_custom_updated 1
And it still does the watchdog. Sort of makes it seem like there is a lot going wrong and maybe I need to re-flash.

 

[Soul--Reaver]

The port forwarding issue is only present in the 380.57 firmware

Your issue sounds to me like its the loopback issue which can be fixed by logging into your router and going to firewall. Here you will see "NAT Loopback". Try every option until you find one that works for you

 

[Zoltan]

Hi all,

i found a port forwarding issue at my rtac56u with merlin's FW, however the stock FW has the same problem as well. Imagine the scenario when in a home network i have a NAS with 5 NIC's ( I know is odd to have 5) See picture :

The server is called H340, i set one of the NIC's with static IP to be able to do port forwarding

IP alocation work's fine, all 5 NIC's are working but port forward works only from xxx.31 because is present in the list of local IP in the port forwarding list.

If i disable 4 NIC's and leave only the xxx.216 active, will appear in local IP list, and can do port forward, and work's fine.

Can u please fix this issue?

thanks!

 

[RMerlin]

Hi all,

i found a port forwarding issue at my rtac56u with merlin's FW, however the stock FW has the same problem as well. Imagine the scenario when in a home network i have a NAS with 5 NIC's ( I know is odd to have 5) See picture :

View attachment 5667

The server is called H340, i set one of the NIC's with static IP to be able to do port forwarding

View attachment 5668

IP alocation work's fine, all 5 NIC's are working but port forward works only from xxx.31 because is present in the list of local IP in the port forwarding list.

If i disable 4 NIC's and leave only the xxx.216 active, will appear in local IP list, and can do port forward, and work's fine.

Can u please fix this issue?

thanks!

Post your list of port forwards.

 

[Zoltan]

Post your list of port forwards.

Hi Merlin,

please see attached pictures

 

[RMerlin]

I see no duplicate, so there's no reason for it not to work on the router-side. Make sure it's not blocked on the server-side, and that you are actually testing while outside of your network, not from inside.

 

[ColinTaylor]

As I understand it @Zoltan 's problem is not that port forwarding doesn't work. It's that the drop-down list in the Port Forwarding List called "Local IP" only-contains 1 of his 5 IP addresses. So he is unable to select the other 4 IP addresses.

Hardly surprising really. I doubt the interface was designed to cope with 5 IP addresses having the same host name.

 

[Maude]

Personally I don't use Port Forward anymore. I have 380.57 running on an Rt-AC3200 and since I needed to block some countries that were DoS'ing me on port 80, I modified the firewall script from Adamm here: http://www.snbforums.com/threads/ho...ps-using-ipset-firewall-addition.16798/page-5 and some parts of this post: http://www.snbforums.com/threads/hellp-with-ac68u-port-forwarding-iptables-setup.26108/ , specificaly this line:

iptables -t nat -I PREROUTING -p tcp -m tcp -s xxx.xxx.xxx.xxx --dport 80 -j DNAT --to 192.168.1.100

and this

-A FORWARD -m conntrack --ctstate DNAT -j ACCEPT

You have to replace the source ip (xxx.xxx.xxx.xxx) with your router wan ip

`nvram get wan_ipaddr`

and the destination ip.

All this is explained in the threads and I can share the end result as well...

 

[RMerlin]

As I understand it @Zoltan 's problem is not that port forwarding doesn't work. It's that the drop-down list in the Port Forwarding List called "Local IP" only-contains 1 of his 5 IP addresses. So he is unable to select the other 4 IP addresses.

Hardly surprising really. I doubt the interface was designed to cope with 5 IP addresses having the same host name.

You can manually enter an IP in the field, so that shouldn't be a problem.

And you should never have the same name for multiple devices on a LAN, as this will create a lot of problems.

 

[ColinTaylor]

And you should never have the same name for multiple devices on a LAN, as this will create a lot of problems.

Totally agree. But this case is slightly different as he has a multihomed server, which is a valid setup (load balancing, redundancy, etc.). But it's something a home router probably wasn't expecting to support (I'm not sure it would work with dnsmasq anyway).

Anyway, as you say, if he can enter the IP addresses manually that will fix his problem.

 

[paztelu]

Hello everyone, just to add my grain of sand. Today I upgraded my Asus RT-N66U firmware to 380.58 from 378.56_2 and again started having port forwarding problems (not connecting, slow connections). As I don't want to deal with any trouble I just downgraded again to 378.56_2 and everything worked perfectly again. I know this may be a problem with Asus Firmware I'm not asking for any quick fix. But it's the first time I had this kind of problem so it's really weird, something got broken in the latest code update and just reporting it.


Thanks

 

[L&LD]

Hello everyone, just to add my grain of sand. Today I upgraded my Asus RT-N66U firmware to 380.58 from 378.56_2 and again started having port forwarding problems (not connecting, slow connections). As I don't want to deal with any trouble I just downgraded again to 378.56_2 and everything worked perfectly again. I know this may be a problem with Asus Firmware I'm not asking for any quick fix. But it's the first time I had this kind of problem so it's really weird, something got broken in the latest code update and just reporting it.


Thanks

Did you reset to factory default after flashing to the new firmware?

http://www.snbforums.com/threads/no...l-and-manual-configuration.27115/#post-205573

 

[el pescador]

A question.
Not really clued up on things like this but i want to observe my ports when i game on the ps4 to make sure the ones i forwarded are actually working.
Where do i look for this?
System log and port forwards?
I see a list plus others opened by upnp.......etc
and the ports i opened and forwarded to the ps4 are all listed above.

If it is listed is it working?
Is there another place to search for when the ports are actually in use?

 

[RMerlin]

If they show under Port Forwards, then it means the router part is working properly. That does not guarantee however that the modem/ISP aren't interfering (for instance if you hadn't bridged your modem and were in a double NAT configuration).

 

[Spockfish]

Got the same issue after updating 380.58. This is on a AC68U, with a factory reset. Ive got it working again by changing NAT loopback from Merlin to Asus.

Hope this helps!