Question Help with port forwarding

ruanwagenaar27

Honorable
Sep 5, 2017
119
0
10,680
Hi need some help with portforwarding

I currently have a wireless isp and trying to port forward battle.net and moddernwarfare ports,getting server dissconnected ingame sometimes.
I tried using port forward network utilities but the app picks up that my first routers ip is the dish on my roof (ubiquiti) and my second router(Tenda F9) is the one in my house i tried forwarding all the ports on the tenda router but still no luck, i changed my ip to static allso resetted my network and allowed in my firewall for public and private to battle.net and moddernwarfare allso asked my ISP(friend) if he can forward the ports for me he replied later i can test it now i see in my setting ingame it shows NET STAT is moderate and not opened is there something else i can try? i used network utilities to check if my ports are open for example port 1119 and it shows closed but it picks up the ip of the dish on the roof and not the one inside my house that i made static?

Some help would be much aprecciated
 
So first do you have a public IP on the router on the roof. If the IP you see in the wan the same as sites like whatsmyip. If not you have no hope since there is another router owned by the ISP also doing nat.

Best if you could find a way to only have 1 router. Either run the one on the roof as a bridge or the tenda as a AP.

Other wise you need to set the wan ip on your tenda to a fixed static IP. Then set a DMZ rule in the roof router pointing to that IP. Then you should be able to do normal port forwarding on the tenda router.
 

ruanwagenaar27

Honorable
Sep 5, 2017
119
0
10,680
i checked now my ip on the roof is different as the one on my router wan. the ip on roof starts with 41. and the one on my router wan starts with 192.

Is there another method i can try? like the AP you mentioned to do myself or must the isp come out to do it?
i checked the default gateway for the one on roof ubiquiti but need username and password as for the isp wont provide that info for me :(


So first do you have a public IP on the router on the roof. If the IP you see in the wan the same as sites like whatsmyip. If not you have no hope since there is another router owned by the ISP also doing nat.

Best if you could find a way to only have 1 router. Either run the one on the roof as a bridge or the tenda as a AP.

Other wise you need to set the wan ip on your tenda to a fixed static IP. Then set a DMZ rule in the roof router pointing to that IP. Then you should be able to do normal port forwarding on the tenda router.
 
Running AP mode likely is as simple as setting the option in your router. Otherwise search how to use a router as a AP. It is actually trivial even on routers that do not support AP mode.

Still that will only solve the problem if you can get access to the ubiquiti router. You need to put port forwarding rules into that router.

Contact the ISP and see if they can place that device into bridge mode. It should then assign the 41.x.x.x ip to your wan port of your current router and normal port forwarding will work.

Otherwise see what they will do about putting in port forwarding rules for you. I suspect they will not want to deal with that.
 

ruanwagenaar27

Honorable
Sep 5, 2017
119
0
10,680
So first do you have a public IP on the router on the roof. If the IP you see in the wan the same as sites like whatsmyip. If not you have no hope since there is another router owned by the ISP also doing nat.

Best if you could find a way to only have 1 router. Either run the one on the roof as a bridge or the tenda as a AP.

Other wise you need to set the wan ip on your tenda to a fixed static IP. Then set a DMZ rule in the roof router pointing to that IP. Then you should be able to do normal port forwarding on the tenda router.
Hi this is a laaaaate reply🙈 at last got access to my router on the roof and my isp made my ip static, i see on the ubiquiti there is option for port forwarding or dmz rule, another thing i noticed that router on roof has NAT setting on and the SIP, PPTP, FTP and RTSP is all selected im not sure by what you meant that my wan ip must be static i see under WAN IP adress there is option for DHCP, STATIC and PPPOE then the static one is selected dont want to fiddle to much with settings as im not an pro with this stuff, what do i need to check next in order to do proper port forwarding? So basically i have tenda router in my house with my wan ip, then the ubiquiti on the roof that is linked or directed to the main AP on the mountain whats bothering me is that im running basically through 3 routers with NAT if im correct my tenda router wan ip starts with 192. the ubiquiti on the roof ip starts with 120. and the main AP on the mountain ip starts with 41. If i normally use app on google to check if ports are open and select use my current ip it automatically selects the ip that starts with 41 and that is the main AP on the mountain?? Hopefully it is not too confusing?
 
It is somewhat strange that they use 120.x.x.x on your device but you still see the 41.x.x.x.

The only IP that matters is the one you see on sites like whatsmyip. That is the public IP that you are actually using to communicate with the internet. You must have control of the device that has that IP assigned to it.

In any case when you have mulitple routers you either put in port forwarding rules into each router or you use the DMZ. DMZ is easier and if you ever need to add another port you do not have to mess with it. It is a security exposure if you do it on the final router.

So say you have 2 routers. internet --wan-r1-lan-----wan--r2---lan---end device.

Now lets say you have

a.b.c.d wan on router 1.
10.x.x.1 lan on router 1
10.x.x.100 wan on router 2
192..x.x.1 lan on router 2
192.x.x.59 end device.

So you would need 2 port forwarding or DMZ rules.

Router 1 you would dmz to 10.x.x.100.
router 2 you would port forward to 192.x.x.59
 

ruanwagenaar27

Honorable
Sep 5, 2017
119
0
10,680
It is somewhat strange that they use 120.x.x.x on your device but you still see the 41.x.x.x.

The only IP that matters is the one you see on sites like whatsmyip. That is the public IP that you are actually using to communicate with the internet. You must have control of the device that has that IP assigned to it.

In any case when you have mulitple routers you either put in port forwarding rules into each router or you use the DMZ. DMZ is easier and if you ever need to add another port you do not have to mess with it. It is a security exposure if you do it on the final router.

So say you have 2 routers. internet --wan-r1-lan-----wan--r2---lan---end device.

Now lets say you have

a.b.c.d wan on router 1.
10.x.x.1 lan on router 1
10.x.x.100 wan on router 2
192..x.x.1 lan on router 2
192.x.x.59 end device.

So you would need 2 port forwarding or DMZ rules.

Router 1 you would dmz to 10.x.x.100.
router 2 you would port forward to 192.x.x.59

thanks for the reply im still what confused with the dmz option, i checked now on whatsmyip and it shows me the 41.x.x.x ip. But in anycase so in my router in my house the tenda one do i dmz the ip that is static on the ubiquiti it starts with 120.x.x.x and on the ubiquiti i dmz the wan ip on my router that is 192.x.x.x? if i go to cmd and type in ipconfig my ipv4 adress allso starts with 192 but ends in a different range as my wan ip does that matter? or is it better to make my ipv4 allso static? the option on the tenda only give me an dmz ip and the one on the ubiquiti gives me the ip and an option to DMZ MANAGEMENT PORTS enable?

hope it is not too confusing will try to explain better if needed or maybe in a personal chat give exactly the ip's i have in front of me so you could guide me through the steps?
 
You need to do these 1 at a time and ignore the other routers. All the DMZ does is say what IP do I send all the traffic to. The last router you send it to your pc. The second router you send it to the first router wan port. etc.

I suspect very strongly you are not going to get this to work. Is there any device you can log into that has a WAN ip of 41.x.x.x. That is your public IP no matter what all the other addresses are. That is the IP you are actually using. You must control the router that has been assigned that IP address.
 

ruanwagenaar27

Honorable
Sep 5, 2017
119
0
10,680
You need to do these 1 at a time and ignore the other routers. All the DMZ does is say what IP do I send all the traffic to. The last router you send it to your pc. The second router you send it to the first router wan port. etc.

I suspect very strongly you are not going to get this to work. Is there any device you can log into that has a WAN ip of 41.x.x.x. That is your public IP no matter what all the other addresses are. That is the IP you are actually using. You must control the router that has been assigned that IP address.


Unfortunately i dont have access to that ip and i understand what you mean doesnt help i use dmz or port forwarding on my 2 routers at home if the main router of 41.x.x.x.x have NAT on it then it will be probly useless to forward ports on my side if the main ap is blocking it i will ask my isp again if he can do manual port forwarding on the main AP. i noticed that all ports are closed like
  • 21 FTP
  • 22 SSH
  • 23 TELNET
  • 25 SMTP
  • 53 DNS
  • 80 HTTP
  • 110 POP3
  • 115 SFTP
  • 135 RPC
  • 139 NetBIOS
  • 143 IMAP
  • 194 IRC
  • 443 SSL
  • 445 SMB
 
It really depends on exactly why you think you need to port forward. You only need to forward ports if you are hosting a game. Many people see list of ports games use. These are ports that need to be open on the server not on your pc.

Mostly you use ports for games that there is no central server.

Highly unlikely the ISP will forward ports for you. It becomes a massive amount work for them to keep it all straight especially if they have mulitple customers. They would be much more likely to find a way to assign your router a actual public ip.
 

ruanwagenaar27

Honorable
Sep 5, 2017
119
0
10,680
It really depends on exactly why you think you need to port forward. You only need to forward ports if you are hosting a game. Many people see list of ports games use. These are ports that need to be open on the server not on your pc.

Mostly you use ports for games that there is no central server.

Highly unlikely the ISP will forward ports for you. It becomes a massive amount work for them to keep it all straight especially if they have mulitple customers. They would be much more likely to find a way to assign your router a actual public ip.

On the moment im using blizzard app and playing modern warfare everytime im ingame i just play a while then i loose connection gives me long error code looked it up and says need to open ports on 443,80 etc. Blizzard app allso connecting/reconnecting the whole time, utorrent allso extremely slow on downloads in bottom right corner it doesnt give my the green mark it gives me red cross saying i need to open ports cause router is Natting port. I have disabled my firewall, allowed all through firewall, added exceptions in security, resetted network none is helping so all i can think of is the main router is closed on ports i went to cmd and checked netstat and all those ports are showing listening none of them is established. Will ask isp if i cant maybe get my own static ip? Will that work if i get a fixed ip? Noticed on ubiquiti router that the ubiquiti on my roof is static ip but my wan or tenda router is dynamic ip assigned
 
I think a bunch of idiots work for these companies. They really put out a lot of misinformation about ports. Then again it is not likely the actual engineers answer questions.

Port 443 and 80 are standard web ports. They are ports YOU connect to not ports that someone else is using to connect to your machine. Nothing at all would work if those 2 ports were not allowed. What is normally done is your port opens a session with a destination of 443 and a source port of say 56123. The router will automatically put a entry in that says traffic can come back to port 56123 from the server. You do not need to port forward or anything.

The only time you would need ports 443 and 80 open is if you actually had a web server running inside your house for people on the internet to access.

Now there are people that actually do run game servers in their house. We see minecraft questions all the time. In those cases you do have to port forward the port being used by the mine craft server.

Modern warfare uses central servers. So you will always be connecting to them not them connecting to you. So you do not need any ports forwarded.


I think part of the confusing is people do not know the difference between firewall rules and port forwarding. You could put in a firewall rule that says block port 443. This would basically break your machine since you have now blocked all HTTPS. In general the firewall will allow out all ports. It is always a good test to disable the firewall when you get connecting problems but it really should make no difference.

I suspect you either have a problem with the game or there is a more generic network issues. Leave a constant ping run to your router IP and a common ip like 8.8.8.8. See if those IP have issue at the same time.
 

ruanwagenaar27

Honorable
Sep 5, 2017
119
0
10,680
I think a bunch of idiots work for these companies. They really put out a lot of misinformation about ports. Then again it is not likely the actual engineers answer questions.

Port 443 and 80 are standard web ports. They are ports YOU connect to not ports that someone else is using to connect to your machine. Nothing at all would work if those 2 ports were not allowed. What is normally done is your port opens a session with a destination of 443 and a source port of say 56123. The router will automatically put a entry in that says traffic can come back to port 56123 from the server. You do not need to port forward or anything.

The only time you would need ports 443 and 80 open is if you actually had a web server running inside your house for people on the internet to access.

Now there are people that actually do run game servers in their house. We see minecraft questions all the time. In those cases you do have to port forward the port being used by the mine craft server.

Modern warfare uses central servers. So you will always be connecting to them not them connecting to you. So you do not need any ports forwarded.


I think part of the confusing is people do not know the difference between firewall rules and port forwarding. You could put in a firewall rule that says block port 443. This would basically break your machine since you have now blocked all HTTPS. In general the firewall will allow out all ports. It is always a good test to disable the firewall when you get connecting problems but it really should make no difference.

I suspect you either have a problem with the game or there is a more generic network issues. Leave a constant ping run to your router IP and a common ip like 8.8.8.8. See if those IP have issue at the same time.
I think a bunch of idiots work for these companies. They really put out a lot of misinformation about ports. Then again it is not likely the actual engineers answer questions.

Port 443 and 80 are standard web ports. They are ports YOU connect to not ports that someone else is using to connect to your machine. Nothing at all would work if those 2 ports were not allowed. What is normally done is your port opens a session with a destination of 443 and a source port of say 56123. The router will automatically put a entry in that says traffic can come back to port 56123 from the server. You do not need to port forward or anything.

The only time you would need ports 443 and 80 open is if you actually had a web server running inside your house for people on the internet to access.

Now there are people that actually do run game servers in their house. We see minecraft questions all the time. In those cases you do have to port forward the port being used by the mine craft server.

Modern warfare uses central servers. So you will always be connecting to them not them connecting to you. So you do not need any ports forwarded.


I think part of the confusing is people do not know the difference between firewall rules and port forwarding. You could put in a firewall rule that says block port 443. This would basically break your machine since you have now blocked all HTTPS. In general the firewall will allow out all ports. It is always a good test to disable the firewall when you get connecting problems but it really should make no difference.

I suspect you either have a problem with the game or there is a more generic network issues. Leave a constant ping run to your router IP and a common ip like 8.8.8.8. See if those IP have issue at the same time.

Thanks alot for the info will give it a try and ping router and ping google servers etc. Have tried to ping my tenda and ubiquiti about 20 times and my ms show 1 the whole time and packet loss 0 if i go to a site like port checker and test all those ports like 443,1115,80,20 etc it all shows closed on that public ip of 41.x.x.x allso tried my tenda ip of 196.x.x.x same story and on the ubiquiti ip of 120.x.x.x im basically giving up hope as to i am clueless what to do further all i can think of still is that the problem is with ISP network that incomming traffic is being blocked in some sort of way and needs to be allowed cant think it is my computer or windows 10 cause all my firewall and defender settings have been turned off and still no luck, just bothering me why utorrent will tell me that a router/firewall is limiting your network traffic you need to open up a port so that others can connect to you.
 

ruanwagenaar27

Honorable
Sep 5, 2017
119
0
10,680
Thanks alot for the info will give it a try and ping router and ping google servers etc. Have tried to ping my tenda and ubiquiti about 20 times and my ms show 1 the whole time and packet loss 0 if i go to a site like port checker and test all those ports like 443,1115,80,20 etc it all shows closed on that public ip of 41.x.x.x allso tried my tenda ip of 196.x.x.x same story and on the ubiquiti ip of 120.x.x.x im basically giving up hope as to i am clueless what to do further all i can think of still is that the problem is with ISP network that incomming traffic is being blocked in some sort of way and needs to be allowed cant think it is my computer or windows 10 cause all my firewall and defender settings have been turned off and still no luck, just bothering me why utorrent will tell me that a router/firewall is limiting your network traffic you need to open up a port so that others can connect to you.

I have download speeds of 18 - 25 mbps and upload of 12 - 18 mbps on utorrent when i get that connection problem it runs at 20 to 100kbps