Hello SNB Forum -
I’ve discovered something that narrows things down. Searching Google, I’ve found a number of posts to various forums which clearly indicate that Port Forwarding is not available if the internal ASUS firewall is enabled.
One responder said - Sorry, you will have to choose one or the other. If you really need Port Fowarding, you will need to provide a firewall function elsewhere, possibly in your Windows or Linux game server.
The PF inop cases were “solved” by disabling the ASUS firewall.
I was under the impression that I should just enable the ASUS firewall and forget it.
So now, I try very specific port scans with the firewall on and off. Bit of a breakthrough !!
I use “Network Analyzer” an iOS app. I has a great port scanner in the toolkit. You can give it list of ports, ranges etc. It keeps these lists.
After a scan completes, there is a dot next to each port number:
The dot is GREEN - the port is open and there is somebody answering IP on that port.
The dot is RED - the port is closed ( nobody home to answer IP ).
The dot is GREY - the port is blocked by a firewall.
I am scanning only some 15 individual ports from 8200 and up to the ASUS remote administration webui port. So with the firewall enabled, every port is GREY - (firewall blocked) except GREEN for the ISY and the ASUS remote administration webui port.
Again, ISY is a red hearing. It punches its own whole through firewalls. Beyond my pay-grade how, but it’s irrelevant.
Now, with the firewall disabled, we have a Brave New World !!
Scanned ports not in the Port Forward table are now RED !!! (nobody’s home).
Every port in the PF table are now GREY (blocked by firewall).
No change to ISY and ASUS remote admin, still GREEN.
I can change any RED port to GREY by adding it to the PF table.
It’s as though the firewall function is still blocking any ports in the PF table. There is no other firewall function in the path here. There are a couple Win10 Pro PCs as WiFi clients and they’re running the MS firewall, but they aren’t in the path to my various IOT local devices.
At one time, I thought my ISP could possibly be blocking the ports. Now that I can block them at will by adding them to the PF table, the problem is clearly inside the AX11000 or the RT-AC68U, which exhibit identical behavior.
Is it possible that there’s a subtle firmware issue I’ve stumbled upon and awakened ??
What is going on at ASUS these days ??
Would their Tech Support guys respond to a concisely worded problem description ??
What about DD-WRT which IS available for the RT-AC68U ?? Any chance they support AiMESH WiFi ??
AiMESH is amazing technology and I’ve tested the hell out of it ...
It exceeded every expectation.
AiMESH is the only reason I’m transitioning from Netgear.
This has been a difficult one. I’m approaching 40 hours on this dammed problem.
Thanks for ANY ideas. Not yet desperate, but I’m getting there ...
Sincerely, Jere Larson