Port Forwarding

O

orrymr

Active Member
Joined
Apr 15, 2011
Messages
41
Reaction score
1
Hi, I'm trying to set up port forwarding on a NetgearDGN2000 modem. I've gone through the relevant page on portforward.com (http://portforward.com/english/routers/port_forwarding/Netgear/DGN2000/Apache.htm)
I'm not sure why my configuration isn't working. Also, I was wondering, why are my internet IP and my gateway addresses different?
The one is: IP Address 196.210.xxx.xxx
and the other:Gateway IP Address 41.241.xxx.xxx

Isn't my Gateway my router - which has the external (internet) IP address?

Thanks
 
Your gateway IP is the LAN (your internal network) facing side of the router. The internet IP is the WAN (internet) facing side of the router. The router takes LAN traffic and forwards it to the internet and vice versa.

The gateway address is the internal address 192.210.x.x

To forward port 80 or 8080 etc, you need to tell your router the port you want to forward and the internal network address (192.210.x.x) of your server machine. Also make sure firewalls on your server allow that port.
 
Last edited:
If you're on Mweb uncapped, then you might have to disable the ADSL Protected Access for Apache to work.

Your router would act as your home's gateway, but it also needs an Internet gateway for Internet access. The gateway's IP address doesn't have to be in the IP range as the router IP address.
 
SaladCharger said:
Your gateway IP is the LAN (your internal network) facing side of the router. The internet IP is the WAN (internet) facing side of the router. The router takes LAN traffic and forwards it to the internet and vice versa.

The gateway address is the internal address 192.210.x.x

To forward port 80 or 8080 etc, you need to tell your router the port you want to forward and the internal network address (192.210.x.x) of your server machine. Also make sure firewalls on your server allow that port.
Click to expand...

196.210.x.x not 192.210.x.x. Which means its an external ip. Not an internal ip
 
all you need is an internal IP and a port number. shouldn't have to worry about gateways and external IP's. if I'm not mistaken the 10.x.x.x and 192.x.x.x are private ranges? been a while since I did servers and networking.
 
Spooner:
10.*, 192.168.* and 172.16.0.0-172.31.255.255 are the private IP ranges.
 
Prof.Merlin said:
196.210.x.x not 192.210.x.x. Which means its an external ip. Not an internal ip
Click to expand...

Yeah, exactly, which is why I'm confused about the gateway IP address which was 41.241.xxx.xxx. This doesn't correspond to the external IP address, and it's certainly not the internal IP address of the router which is 192.168.0.1. Is the gateway IP address maybe the IP address of the DNS server I'm using?
 
Here's how things work:

1) Your ADSL modem synchronizes with the DSLAM at like 384kbps - 10Mbps down & 128kbps - 1024kbps up.
2) Your router (which can be the same device as the ADSL modem) then makes a PPPoE connection to the ISP. The ISP's DHCP server then gives your router a WAN IP address and WAN gateway to use.
3) Your router will act as a gateway, DHCP server & DNS server. For this it would require a LAN IP address. It's DHCP server will give all your PC's on the LAN (incl WiFi) IP addresses in the private IP range, where the gateway & DNS server IP addresses on the PC's will be that of the router's LAN IP address.

If the PC/router wants to send IP packets to a destination outside of its own IP range, then it would send it to its gateway's IP address.
So for your PC's to have a functional Internet connection, you'll have to configure your PC's such that your router's IP address is their gateway IP address.
For your router to have Internet access, you'll also need a gateway IP address from the ISP.

Here's an example.
Router's WAN: IP address 196.210.123.123, Gateway IP address 41.241.123.123
Router's LAN: IP address 10.0.0.1, subnet mask 255.255.255.0, DHCP IP address range: 10.0.0.100 - 10.0.0.254
PC's IP address 10.0.100, subnet mask 255.255.255.0, Gateway IP address 10.0.0.1, DNS server IP address 10.0.0.1

Now when the PC wants to send packets to 10.0.0.101 (which is within its IP range), it doesn't send it to the gateway. If the PC wants to send packets to the Internet (which is outside its IP range) [eg. 123.123.123.123], it sends the packets to its gateway, which would be the router in this case.
In turn, if the router gets a packet that is destined for the Internet (outside its LAN IP range), it would send the packets to its defined gateway IP address.

All the network devices should have routing tables, which will tell the device how to route the packets.
 
Last edited:
you dont need to worry about external IP addresses or gateways when setting up port forwarding on the netgear. All you need to do is setup custom services and add inbound firewall rule using the custom services.
 
Pada said:
Here's how things work:

1) Your ADSL modem synchronizes with the DSLAM at like 384kbps - 10Mbps down & 128kbps - 1024kbps up.
2) Your router (which can be the same device as the ADSL modem) then makes a PPPoE connection to the ISP. The ISP's DHCP server then gives your router a WAN IP address and WAN gateway to use.
3) Your router will act as a gateway, DHCP server & DNS server. For this it would require a LAN IP address. It's DHCP server will give all your PC's on the LAN (incl WiFi) IP addresses in the private IP range, where the gateway & DNS server IP addresses on the PC's will be that of the router's LAN IP address.

If the PC/router wants to send IP packets to a destination outside of its own IP range, then it would send it to its gateway's IP address.
So for your PC's to have a functional Internet connection, you'll have to configure your PC's such that your router's IP address is their gateway IP address.
For your router to have Internet access, you'll also need a gateway IP address from the ISP.

Here's an example.
Router's WAN: IP address 196.210.123.123, Gateway IP address 41.241.123.123
Router's LAN: IP address 10.0.0.1, subnet mask 255.255.255.0, DHCP IP address range: 10.0.0.100 - 10.0.0.254
PC's IP address 10.0.100, subnet mask 255.255.255.0, Gateway IP address 10.0.0.1, DNS server IP address 10.0.0.1

Now when the PC wants to send packets to 10.0.0.101 (which is within its IP range), it doesn't send it to the gateway. If the PC wants to send packets to the Internet (which is outside its IP range) [eg. 123.123.123.123], it sends the packets to its gateway, which would be the router in this case.
In turn, if the router gets a packet that is destined for the Internet (outside its LAN IP range), it would send the packets to its defined gateway IP address.

All the network devices should have routing tables, which will tell the device how to route the packets.
Click to expand...

So just to be clear, the Gateway IP address, 41.241.123.123, is my ISP's gateway? As in, a whole bunch of routers connect to it, not just mine, right? So in order for me to connect to the rest of the world, I need to go through my ISP's gateway?

The above is mainly out of interest, but I still can't seem to get the port-forwarding to work. The pc in my room has the internal address 192.168.0.4. When I type 192.168.0.4/testSite, I can access the test page from any computer in my house. I've set up an inbound service in my firewall rules. It forwards both port 80 and 443 to 192.168.0.4, ie me (though I don't REALLY need port 443). I'm not sure why I still can't view the page from outside my network. Surely it should forward those http requests to my computer? Unless I've misunderstood how all this works.
 
Yes, your ISP has a gateway 41.241.123.123 (this is just an imaginary IP address), which a bunch of other routers would also use to send their packets through.

Who's your ISP?

I would suggest that you first try and get everything working with your PC's firewall completely disabled. Also note that port forwarding to 192.168.0.4 won't necessarily allow you to connect to http://196.210.123.123/testSite (your imaginary WAN address) from your internal network, since not all routers support NAT loopback.

So I would suggest that you try to access http://196.210.123.123/testSite via another Internet connection.
If this doesn't work either, then you should ensure that Apache is binding (listening) on 0.0.0.0 and NOT on 192.168.0.4 !
You can use TCP View to check whether Apache is listening on the 0.0.0.0:80 local address. You'll have to disable the Resolve Addresses function under Options.
 
Well, I'm using Ubuntu, and I don't think I've got any firewalls aside from the router itself configured.


But... I've found the problem - well you did: "...not all routers support NAT loopback" So I typed the external IP into my phone's browser, and bingo, it works - I guess my Netgear router doesn't support NAT loopback then. Thanks for all the help, this has really saved me from going nuts!
 
Awesome. I'm glad you solved it.

When I have NAT loopback issues, I usually go and create a DDNS (Dynamic DNS) record to point to my external IP address, and then I modify the hosts (/etc/hosts) file (or my local DNS server) such that the DDNS record points to the LAN IP address.

There are often scenarios where that won't solve the problem. Like for the Warcraft III PvPGN servers, I've written a mod where the people can specify a LAN IP address, so that they can join a LAN host if their router doesn't support NAT loopback :)

Routers that have iptables can be configured that they have NAT loopback, but it's usually not an easy task.
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X