Author Topic: Port Forwarding  (Read 540 times)

Purplexus

  • Regular Poster
  • **
  • Posts: 28
    • View Profile
Port Forwarding
« on: June 08, 2009, 05:49:59 pm »
Noob question
Would someone point me where I can Learn more about the router's Firewall settings please?
I have entered this into my firewall settings in hopes to get my Remote Desktop Connection going

portforward port 3389 on both UDP and TCP protocols yet neither of them are seeming to reach their destination.

The address of the computer was looked up by using ipconfig (WINXP pro) on the computer I am trying to port forward to; and that address was 192.168.80.129

To be more specific the new entry into the Firewall settings appear like this

Protocol=TCP   Source Port=3389 to 3389   Destination Port=3389   Destination IP =192.268.80.129   Rule Type= Port Forward
Protocol=UDP   Source Port=3389 to 3389   Destination Port=3389   Destination IP =192.268.80.129   Rule Type= Port Forward


All help is much appreciated thanks
« Last Edit: June 08, 2009, 06:05:51 pm by Purplexus »

colinjones

  • Alumni
  • LinuxMCE God
  • *
  • Posts: 3003
    • View Profile
Re: Port Forwarding
« Reply #1 on: June 09, 2009, 12:08:09 am »
1. You only need TCP, UDP isn't used.

2. You seem to have the TCP rule set correctly.

3. There are often issues with the Windows firewall in getting these sessions to work, so can you confirm with another PC on the same LAN (the LMCE internal network) that you can connect successfully to that PC, thus possibly ruling out the DCERouter/external LAN as the issue?

4. Sometimes there are issues with connecting between Win XP and Win Vista versions of Remote Desktop... you will need to research that if you still can't connect even from the internal network.

5. Are you trying to connect to a PC on your internal LAN from a PC on your external LAN? Or from the Internet? If the former, then you probably have a routing issue. The PC on the external network is trying to reach the IP 192.168.80.129. But it itself is (probably) on the 192.168.1.x network, and thus it cannot just switch directly to it, this is a layer 3 or routing task. It will forward the packets to the router for that subnet, which is responsible for routing them. This router is almost certainly your broadband router (or standalone router if you have one). That router almost certainly has no knowledge of the 192.168.80.x subnet.... after all, why would it? You never told it about it, and it has no other reason to connect directly to anything on that network (remember the LMCE core is NAT'ing all the internal IP addresses to its own external IP address.) So your router will just be dropping all those packets because they are for a "blackhole" subnet.

To resolve issue 5, you need to administer your (broadband) router, and add a new static route that points all traffic for the 192.168.80.x subnet at the external IP address of your core. This will then allow traffic to route from your external network to your internal network. Alternatively (if your broadband router doesn't let you do this), you can add a persistent route directly to your PC on the external network, pointing at the core's IP address. Either will work but the latter will obviously only work for that one PC.