INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Jobs

Port forwarding headache

Port forwarding headache

(OP)
I have a rather convoluted Internet connection and can't get port forwarding to work - need help.

I have a Verizon MiFi 2200 as my modem.  It is linked to my LAN using a Linksys WRT54G with Tomato 1.28 as a wireless client - "brouter".  The brouter makes a wireless connection to the MiFi and then is connected to the LAN via Ethernet cable with a LAN IP of 192.168.1.2.  This set up works fine for normal browsing.

I have a Windows Home Server with fixed IP of 192.168.1.200.  The WHS can access the Internet okay.  I am trying to set up port forwarding for port 80 to the WHS for remote HTTP access - port 80.  The MiFi has minimal port forwarding capability.  The only choice I have is to check the protocol involved and assign the IP to forward to.  The WRT54G has full port forwarding capabilty as offered by Tomato.  I have tried setting the MiFi to forward HTTP (port 80) to 192.168.1.200 with the brouter set to forward first no setting then I tried 192.168.1.200.  Neither works.  I have tried forwarding the MiFi to 192.168.1.2 (the LAN address of the brouter) with both no port forwading and with 192.168.1.200 set in forwarding on the brouter.

I'm not having any success.  Can anyone help with this somewhat wierd setup?

"Retired Programmer".  So, please be patient.

RE: Port forwarding headache

Port 80 might already be reserved for http access.  You could try assigningn the remote management to port 8080 and add the port forwarder to that port.  Good luck!

Dr. Cool
STAFTLSKHO.

RE: Port forwarding headache

(OP)
That option is apparently not available on the MiFi.  The only option available is "HTTP (Web) Server".  Should I forward that to the WRT54G LAN IP (192.168.1.2) then forward 8080 to the WHS?

"Retired Programmer".  So, please be patient.

RE: Port forwarding headache

Silly question - is the firewall open on the WHS for port 80 on incoming connections? Can you connect to 192.168.1.200 with your browser from another internal system?

I've had challenges sometimes with static IPs as forwarding targets when DHCP is enabled.  If the DHCP server is enabled, try adding a reservation for 192.168.1.200 with the appropriate MAC address, and set the WHS to DHCP. It will still pull the same address as though it was static, but it will be registered in the DHCP clients table as well, which might make the MiFi happy. (I'm assuming that the MiFi is functioning as the DHCP server)

RE: Port forwarding headache

(OP)
The firewall is configured.  I had Hughesnet satellite as my ISP earlier and I was able to configure my router (WRT54G before Tomato firmware) to forward port 80 to the WHS.  I was able to access my WHS from a remote site using TZO to translate the IP.  Since switching to Verizonwireless and the MiFi, I've lost that capability.

"Retired Programmer".  So, please be patient.

RE: Port forwarding headache

I dont know much about the Mifi "Modem" as you call it but it sounds to me like it is actually a router and this may be your problem. I making this assumption from what you are saying you are doing...

If it was solely a modem then you would not have ANY options for port forwarding at all but you say yo do. Forget a minute about these devices and remember the old dialup modems that connected directly into your PC. Could you configure these with port forwarding and did you have a LAN address? No you wouldn't, you were directly on the internet with a public IP and no option to port forward. Port forwarding is something only applicable to routers so this suggests you have exactly that.

Now you can get modem/routers all in one which I suspect you have. This means there is another network somewhere though which I don't think you are aware of and this is the problem.

Here is problably your set up:
the modem gets internet access (public IP) via your carrier (verizon). This also has an internal network accessed wirelessly. This is the hidden network you don't know about. It will have a completely different subnet for example 192.168.0.x. It is set to assign IP addresses automatically to give internet access to wireless clients.
Your Linksys connects to your modem via wireless and gets an IP address automatically from the modem for example 192.168.0.87. This (according to your Linksys) is it's WAN/public IP address.
The Linksys other network card is on your LAN (which is another network again) with an IP of 192.168.1.2. This is the network your server is on.

Hopefully you can picture all of this in your head see what you are missing. Everything has to be "daisy chained" correctly.
You need to find out what the IP address is on the WAN side of the Linksys and port forward port 80 from your Verizon to this IP. So in my example port forward 80 to 192.168.0.87 from the Verizon device.
Then you need to port forward port 80 from the Linksys to 192.168.1.200

I am 99% confident this is your problem and fix.

I also have a full intro into IP addresses, subnetting and routing on my blog here http://think-like-a-computer.com/2011/03/04/the-basics-of-ip-addressing-subnet-masks-and-routing/

Take a look at my IT blog guides, knowledgebase  and technical resources at http://think-like-a-computer.com

RE: Port forwarding headache

(OP)
muckermucker - I understand what you have said and totally agree.  Yes, the MiFi (Verizon MiFi 2200 Hotspot) is a modem and router.  I am aware of the internal IP (192.168.0.1).  My Linksys connects to the MiFi router and thru DHCP is assigned the IP 192.168.0.2 (only device connected to MiFi).  I have complete control of the Linksys for port forwarding and have tried forwarding port 80 to my server (192.168.1.200).  The problem is, the MiFi offers very little in port forwarding options.  It only has checkboxes for port forwarding to a WLAN IP.  The checkboxes do not define a given port, only a specific protocol (HTTP Server, FTP Server, etc.).  So, I cannot be sure of what port it is forwarding.  It appears there just aren't enough "handles" to permit me to do what I need to do.

 

"Retired Programmer".  So, please be patient.

RE: Port forwarding headache

Ok, well HTTP is port 80 which is the port you want so port forward that from your MIFI to 192.168.0.2 and it should work.

Take a look at my IT blog guides, knowledgebase  and technical resources at http://think-like-a-computer.com

RE: Port forwarding headache

(OP)
As mentioned, my ISP is Verizon Wireless.  Although, Verizon will not admit it, I am convinced they are blocking port 80.  I used to have Hughesnet as my ISP and I was able to set up port forwarding to my Home server.  Since changing to first Alltel then Verizon, I have not been able to make it work.  With Alltel, I used a PC 5750 data card.  A port analysis showed the data card blocked port 80.  Verizon took over Alltel and I switched to the Verizon MiFi 2200 Hotspot.  Still no joy.

Just to be sure it is not an issue with trying to access from within my own network, could you please try http://Kerrplunk.HPHomeServer.com?

"Retired Programmer".  So, please be patient.

RE: Port forwarding headache

Yes that failed but I pinged it and it resolved 75.226.238.59.

Is that your IP for sure?
There is a way to test whether they are blocking port 80 although I doubt it.

Do you know how to get your website (I presume windows IIS) to listen on a different port? If so change it from port 80 to say 8080 then set up port forwarding on both routers for this.

Now connect to your si.........Oh dear!!! just I wrote those last words I noticed something...I think I know the cause of it.

That link you sent http://kerrplunk.hphomeserver.com/ redirects for some reason to https://www.kerrplunk.hphomeserver.com/ which not only is it a different IP address but https is not http. http is port 80 and https is 443 so you have two problems here.

I noticed though that if I drop the s from https://www.kerrplunk.hphomeserver.com to http://www.kerrplunk.hphomeserver.com it works so I think this is your problem.

So the first I need to know is what is your IP address, is it 75.226.238.59 or 108.59.160.162?

Forget about the port forwarding stuff for the moment, it looks like that isn't the issue.

Take a look at my IT blog guides, knowledgebase  and technical resources at http://think-like-a-computer.com

RE: Port forwarding headache

(OP)
I'm using TZO.com for the IP translation.  The IP is, in fact, 75.226.238.59.

My server is a Windows Home Server and I'm not sure I can change the port assignment.  But, even if I could, the port forwarding ability on the MiFi is predefined to specific protocols, no port numbers shown.

As for http vs https, I do not have a handle for https on the MiFi modem/router.  As for the Linksys, I am already forwarding port 443 to my server.

"Retired Programmer".  So, please be patient.

RE: Port forwarding headache

I know about this kinda stuff as I work with websites also. Your site I think is defaulting to https so when anyone tries to access it on http it redirects to https and then with whatever the URL is.

It only worked for me because after the redirection (which failed) I manually editted the URL to remove the s.

Your site of http://www.kerrplunk.hphomeserver.com in fact redirects EXACTLY to https://www.kerrplunk.hphomeserver.com/HPHome.

Notice the HPhome on the end. I then dropped the s from https and it worked which means your URL is http://www.kerrplunk.hphomeserver.com/HPHome/.

If you try to access this it should work for you. let me know if it does.

If it does it very easy to solve but I'll see what your response is first.

Take a look at my IT blog guides, knowledgebase  and technical resources at http://think-like-a-computer.com

RE: Port forwarding headache

In fact I don't need to wait for your response I am 100% sure of it.

All you need to do now is port forward https on BOTH routers to the correct IP's like you have done with http and it will work.

Let me know if it does.

Take a look at my IT blog guides, knowledgebase  and technical resources at http://think-like-a-computer.com

RE: Port forwarding headache

(OP)
Interesting.  I just had my son try and he was able to connect, too, but got a browser error when he attempted anything.  I'll have to review permissions and web setup, but I think maybe you have uncovered the secret.

"Retired Programmer".  So, please be patient.

RE: Port forwarding headache

(OP)
Actually, I have port forwarded the Linksys router.  Unfortunately, I do not have a handle for it on the MiFi as best I can tell.

Here's the entire list I can work with on the MiFi.  All I can do is check a given item and enter an IP to forward to.

Application IP Address on WLAN
 DNS (Domain Name Server)    
 FTP Server    
 HTTP (Web) Server (this one is checked)   
 NNTP Server    
 POP3 Server    
 SMTP Server    
 SNMP Server    
 Telnet Server    
 TFTP Server    
 

"Retired Programmer".  So, please be patient.

RE: Port forwarding headache

It is not permissions...Pay attention to what the link says when your son hovers his mouse over the links...Notice they all start with https. This why those links fail. The site links are all appended with https and not http. If you copy any one of those different links and just drop the s from https they will work.

Https uses port 443
Https uses port 80

It fails because you have https port 443 blocked.

You have two solutions here.

1. Open up https - This is by far the easiest and most preffered as it is more secure but as you said your Verison router may not have this option. This would be extremely poor though of them as https is the next most common protocol after http.

2. Go into the HP web server management tool for the website. I have no idea where this is but these types of packages always have somewhere you can manage them, I am sure you know where it is.
Once in it you need to look for the option to disable https or something to do with certificates. It will be there somewhere. If you disable this it will revert back to http and this will also work.

Take a look at my IT blog guides, knowledgebase  and technical resources at http://think-like-a-computer.com

RE: Port forwarding headache

(OP)
Found a setting on the TZO setup that would explain the redirect to https.  There was a checkbox to "Enable SSL forwarding" - was recommended and defaulted to this.  I'd prefer using SSL, but looks like the MiFi won't let me.

I unchecked the checkbox.  Would you please try now to see if the redirect has cleared?

"Retired Programmer".  So, please be patient.

RE: Port forwarding headache

BTW are you sure you don't have anywhere on the MIFI to port forward custom port numbers? It may be called something like services?

On Netgear routers it similiar to how you describe but if the port doesn't exist I go into a section called Services and create this entry myself. IE I might create one for VPN's called PPTP_VPN with port 1723. Then I go back to the port forwarding and it is now listed in the drop down box. Anything like that there?

Take a look at my IT blog guides, knowledgebase  and technical resources at http://think-like-a-computer.com

RE: Port forwarding headache

(OP)
The closest thing I can find for custom port numbers is the MiFi provides the ability to download its config data in a text file and also to upload a config file.  I'm going to try something here and hope I don't blow myself out of the water.

Within the downloaded config file is the following:
<PortForward>
<dns>0</dns>
<dnsip>0</dnsip>
<ftp>0</ftp>
<ftpip>0</ftpip>
<http>1</http>
<httpip>192.168.0.2</httpip>
******* I'm going to try this addition *****
<https>1</https>
<httpsip>192.168.0.2</httpsip>
********************************************
<nntp>0</nntp>
<nntpip>0</nntpip>
<pop3>0</pop3>
<pop3ip>0</pop3ip>
<smtp>0</smtp>
<smtpip>0</smtpip>
<snmp>0</snmp>
<snmpip>0</snmpip>
<telnet>0</telnet>
<telnetip>0</telnetip>
<tftp>0</tftp>
<tftpip>0</tftpip>
</PortForward>

The additional lines may take, be ignored or blow it up.  Wish me luck.

"Retired Programmer".  So, please be patient.

RE: Port forwarding headache

You are knackered mate. I just looked up your MIFI manual and like you said you can't forward https, a bit of a joke really!
And I looked up the manual for this HP website thing and it says https is a requirement because of the sensitive data being transmitted.

What does this mean for you??? You're gonna have to buy a new router, one that allows you to port forward https.

I tested it again for you and I get the main page but like I said the links from then on are embedded in the HP software and nothing to do with the redirection from TZO so subsequent links use https and fail.

Good luck!

As I spent a lot of time on this would you do me a favour also pls?
I am trying to promote my blog as you can see in my sig. It is very new and I haven't managed to get it noticed much in Search Engines so it hasn't had much exposure yet. Would you mind leaving a few comments on some posts for me? There's only about 5 lol. And if you have a website yourself maybe link to my IP address article. winky smile

Take a look at my IT blog guides, knowledgebase  and technical resources at http://think-like-a-computer.com

RE: Port forwarding headache

Ammending the config file won't work...trust me! And you may break your router. I wouldn't try it if I were you.

Take a look at my IT blog guides, knowledgebase  and technical resources at http://think-like-a-computer.com

RE: Port forwarding headache

(OP)
Before I die, I will check out your blog and make some comments.  You've been a big help.  Thank you very much.

"Retired Programmer".  So, please be patient.

RE: Port forwarding headache

(OP)
Too late - but, it just didn't take.  Whew!

"Retired Programmer".  So, please be patient.

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members!

Resources

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close