Menu
What's new
By:
Filters Better Search

AC68R not forwarding ports

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

U

usmarine0622

Occasional Visitor
Hey guys, I bought the AC66R from bestbuy today and set everything up. I configured a number port to be open but for some reason the router isn't forwarding those port to my lan devices. When I go to system logs and port forwarding I can see the ports that I opened and the IP address it's suppose to go to. I also when to a website that check to see if ports are open. The sites says the ports are open but I can't connect to anything remotely besides ftp. Anyone have a idea why this is happening?
 
Mine does do Port Forwarding correctly. The thing is, that I noticed Asus uses Port 80 while inside the firewall on your own LAN. If you try to access your stuff via your WAN IP, it doesn't seem to work, while your behind your own firewall. When I went off premises, I was able to access my stuff with correct port forwarding. I've been searching High and Low looking for some way do disable the Asus from "natively" using Port 80. I think they do it from the perspective of using their built in utilities. I was hoping that DD-WRT will eventually post a third party firmware that takes care of this problem. I am upgrading from a D-Link DIR-655 and never had the issue with basically the same configuration. It's kind of a "pain in the butt" to have to us an internal and external IP address to access my own stuff, depend on where I am at.
 
LocalDude said:
Mine does do Port Forwarding correctly. The thing is, that I noticed Asus uses Port 80 while inside the firewall on your own LAN. If you try to access your stuff via your WAN IP, it doesn't seem to work, while your behind your own firewall. When I went off premises, I was able to access my stuff with correct port forwarding. I've been searching High and Low looking for some way do disable the Asus from "natively" using Port 80. I think they do it from the perspective of using their built in utilities. I was hoping that DD-WRT will eventually post a third party firmware that takes care of this problem. I am upgrading from a D-Link DIR-655 and never had the issue with basically the same configuration. It's kind of a "pain in the butt" to have to us an internal and external IP address to access my own stuff, depend on where I am at.
Click to expand...

Thanks for the reply, yeah I thought that was it too but I tried to access it while outside my network and it wouldn't work. I returned the router and I'm waiting on my replacement from newegg. Once I get it I will test it out and see if everything is working.
 
After more late nights, and reading through this forum... There is definitely something "funky" going on with the port forwarding... I'm anxiously waiting for a firmware update, to see if this get's straightened out. My "afore mentioned" logic still holds true, but there is some sort of "loop back" problem, so you can't really check your ports from inside the local LAN via the WAN IP address. I made sure that none of my network devices are using port 80, as to not conflict, but it still even acts weird with other unassigned port numbers as well. I REALLY like this router, but I hope it get's fixed soon, cause that's kind of a "major" deal. Aside from that, The wireless performance is freakin awesome! I haven't tried the VPN function, or the USB yet. I'm trying to get the fundamentals worked out. I have a personal Windows server 2012 and am using domain controller services. I also plan on using IIS, and FTP services through the server.

There is still LOTS of configuration to do, but I get these fundamental issues resolved first, so I'm sort of in a "holding pattern". My network "could be" awesome. *sigh*

Maybe Merlin will come up with something first.

On another note... Windows 8.1 comes out today, as well as Server 2012 R2. I'm ringing my hands with anticipation. I feel "dastardly"...:D "Oh... VPN" I think I've got wood...
 
LocalDude said:
After more late nights, and reading through this forum... There is definitely something "funky" going on with the port forwarding... I'm anxiously waiting for a firmware update, to see if this get's straightened out. My "afore mentioned" logic still holds true, but there is some sort of "loop back" problem, so you can't really check your ports from inside the local LAN via the WAN IP address. I made sure that none of my network devices are using port 80, as to not conflict, but it still even acts weird with other unassigned port numbers as well. I REALLY like this router, but I hope it get's fixed soon, cause that's kind of a "major" deal. Aside from that, The wireless performance is freakin awesome! I haven't tried the VPN function, or the USB yet. I'm trying to get the fundamentals worked out. I have a personal Windows server 2012 and am using domain controller services. I also plan on using IIS, and FTP services through the server.

There is still LOTS of configuration to do, but I get these fundamental issues resolved first, so I'm sort of in a "holding pattern". My network "could be" awesome. *sigh*

Maybe Merlin will come up with something first.

On another note... Windows 8.1 comes out today, as well as Server 2012 R2. I'm ringing my hands with anticipation. I feel "dastardly"...:D "Oh... VPN" I think I've got wood...
Click to expand...

I got my new router today I will test it out and see what happens
 
Check the firmware version... The latest, as of this afternoon, has the last numbers 374.205. It's still not a "fix" for the port forwarding, but maybe addresses other issues. You'll have to go to the Asus website to find it.
 
Last edited:
LocalDude said:
Check the firmware version... The latest, as of this afternoon, has the last version number 205. It's still not a "fix" for the port forwarding, but maybe addresses other issues. You'll have to go to the Asus website to find it.
Click to expand...

yeah the firmware on the website is the one already preloaded on the router
 
LocalDude said:
Mine does do Port Forwarding correctly. The thing is, that I noticed Asus uses Port 80 while inside the firewall on your own LAN. If you try to access your stuff via your WAN IP, it doesn't seem to work, while your behind your own firewall. When I went off premises, I was able to access my stuff with correct port forwarding. I've been searching High and Low looking for some way do disable the Asus from "natively" using Port 80. I think they do it from the perspective of using their built in utilities. I was hoping that DD-WRT will eventually post a third party firmware that takes care of this problem. I am upgrading from a D-Link DIR-655 and never had the issue with basically the same configuration. It's kind of a "pain in the butt" to have to us an internal and external IP address to access my own stuff, depend on where I am at.
Click to expand...

You are right LocalDude, there is defiantly a problem with local port forwarding, I can access everything from outside my network just fine. I have a mail server on my network and I can't send any emails out because this issue. I hope they fix it soon as of now I have a 200 dollar paper weight
 
Thanks for the update... I was wondering how it was working out for you. On another note...

Awwww Man... I am not currently, but have been thinking of running an exchange server. But with your experiences, I'm gonna hold off for a while. I too hope they get the firmware resolved.

I LOVE the idea, and throughput that the Asus us giving me, but... I'll just be patient and remain optimistic. My personal network is also sort of a "test lab" for my projects... Luckily it's not a "production" environment like a small business or something. But still... I want it to work! I keep checking these forums as well as ASUS website hoping an update gets posted. Arghh...
 
Can you go to LAN - Switch Control and disable HW accelerator? That may help with your loopback issue.
 
Well I'll be damned... It looks like it works. :) I gotta play with it some more to verify that my immediate needs are taken care of.

Now to research what HW acceleration actually does.

USMarine, did it work for you? Try it out...
 
LocalDude said:
Now to research what HW acceleration actually does.
Click to expand...

HW acceleration allows WAN to LAN performance to reach well over 650+ Mbits. Without it, the max WAN to LAN you can achieve is around 240 Mbits on the RT-AC68U.

HW acceleration will bypass part of Netfilter, which might explain why it could interfere with the NAT loopback or port forwards.
 
Last edited:
RMerlin said:
HW acceleration allows WAN to LAN performance to reach well over 650+ Mbits. Without it, the max WAN to LAN you can achieve is around 240 Mbits on the RT-AC68U.

HW acceleration will bypass part of Netfilter, which might explain why it could interfere with the NAT loopback or port forwards.
Click to expand...

I read on a Linksys forum for the EA6700, that if you disable CTF, it will allow nat loopback (reverse NAT). I assume that disabling hardware acceleration also disables cut-through forwarding too? Is that just a Broadcom thing to prevent DNS rebinding attacks? Or is ASUS implementing it?

Anyway, if you don't disable CTF on the new(er) linksys routers, reverse NAT is not possible. Many of their EA routers don't have the option to disable CTF, but some of them now give you that option.

I have a Linksys EA4500 which does not allow nat loopback and the EA6500 AC router doesn't have nat loopback either. In late 2011, Linksys stopped allowing nat loopback on their routers.

https://doc.pfsense.org/index.php/DNS_Rebinding_Protections
 
RMerlin said:
HW acceleration will bypass part of Netfilter, which might explain why it could interfere with the NAT loopback or port forwards.
Click to expand...

I'm curious, if its an issue Asus is aware of, or if it it's the nature of the physics of how it works. In other words, if it's fixable or not. Not really a deal breaker, but sort of counter productive. Not really a deal breaker since WAN to LAN is only 60 Mbps down 12 Mbps up max speed anyway on residential service. But still...
 
jlake said:
I read on a Linksys forum for the EA6700, that if you disable CTF, it will allow nat loopback (reverse NAT). I assume that disabling hardware acceleration also disables cut-through forwarding too? Is that just a Broadcom thing to prevent DNS rebinding attacks?
Click to expand...

HW acceleration = CTF = Cut Through Forwarding. It's all the same thing.
 
LocalDude said:
I'm curious, if its an issue Asus is aware of, or if it it's the nature of the physics of how it works. In other words, if it's fixable or not. Not really a deal breaker, but sort of counter productive. Not really a deal breaker since WAN to LAN is only 60 Mbps down 12 Mbps up max speed anyway on residential service. But still...
Click to expand...

Bypassing parts of Netfilter is partly how better performance is achieved. This is by design.

No one but Broadcom knows the details. Not even Asus has the source code to the blackbox that ctf.ko is. That thing makes it hard to implement more innovative features to any Broadcom-based router without having a major impact on performance. Personally, I think this is just bad design from Broadcom.
 
You must log in or register to reply here.

Similar threads

Neo-ST
[RT-AX86U] Can't open ports
Replies
2
Views
974
Neo-ST
Neo-ST
waldo43
Solved Port Forwarding Issue
Replies
6
Views
695
waldo43
waldo43
A
DSL-AX82U HTTP/HTTPS Port Forwarding
Replies
7
Views
358
AX82U-user-2k
A
A
Linksys port forwarding
Replies
13
Views
1K
sfx2000
sfx2000
R
Exposed ports on WAN - why?
Replies
5
Views
710
ColinTaylor
C
Similar threads
Thread starter Title Forum Replies Date
kaanaslan DSL-AC88U Port Forwarding doesn't seem to be working when not in the local network ASUS AC Routers & Adapters (Wi-Fi 5) 5

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!

Members online

Total: 693 (members: 33, guests: 660)
Top