[SOLVED] Port Forwarding Not Working On Google WiFi

GoldenCrepe

Prominent
Jan 1, 2020
20
0
520
1
I've been attempting to set up a Minecraft server for me and my friends on an old laptop, and everything went great until the dreaded port forwarding. I think I've narrowed it down to be Google WiFi's fault.

Here's what the situation is:
The firewall is allowing JAVA and the port forwarding internally and externally on port 25565 with both TCP and UDP.
The laptop is connected to a Mesh point via Ethernet cable.
The Port Management settings in the Google Home app gives the laptop an internal and external port of 25565 with both TCP and UDP.
IPv6 and UPnP are off.
The laptop has been given a IP reservation.

I've been connecting my computer to a hotspot to simulate other networks trying to connect to the laptop.
I can obviously connect to the server and ping the laptop when I'm connected to the same network, but I cannot connect to the server or ping the laptop when I'm connected to the hotspot.
When I do try to ping the laptop while I'm connected to the hotspot, I get a request timed out error.

Anything will help. Thank you.
 
Last edited:

GoldenCrepe

Prominent
Jan 1, 2020
20
0
520
1
Yes if it works directly you have a public IP.

It is hard to say but it is likely a application issue. So a trick that used to work would be to use the telnet command. I am not sure if you can just use the telnet command. Windows used to require you to turn on/install the command not sure what it does now.

In any case once you get the telnet command do telnet x.x.x.x 25565. You can also do telnet x.x.x.x 25500. A port that is open is slightly different than a port that is not. You are going to have to play with it to tell but it is a simple way to test if a port is open.

You could also try to find a port scan application. What you are trying to do is see if the hotspot is somehow limiting your connection.

Now what I suspect is the port is open but there is still some issue with the application actually using the port.
I figured it out! I basically kept troubleshooting with a port checker, and apparently I was connecting to the wrong IP address. I was attempting to connect to the computer instead of the network, and that was my issue. Thank you for sticking with me!
 
It should not make a difference if you connect to the mesh unit. Performance may not be the best because it is still wifi back to the main router but it should function. The remote units are very simple bridge type of devices they really don't do much other than move data between the ethernet and the wifi radios. I don't think you could filter traffic even if you wanted to.

I would use the DMZ option to start with. Port forwarding rules are messy in some routers. DMZ is pretty simple you only have to get the 1 internal ip correct.

If this still doesn't work then you need to verify that you actually have a public IP. Check the IP you see assigned to the wan interface in the main router. Compare that with a site like whatsmyip. If they IP are different then you do not have a public IP.

If this is all good then you have to determine if the traffic is getting to the pc and it does not respond or the traffic does not get to the pc to start with. The best tool is to use wireshark. This is a brute force capture. It has lots of fancy features but rather than learn this I would just manually try to look though the capture looking for data coming into port 25565. You can either try with your other pc or you can run a port scanners from the internet. I would also do that request from your other pc so you do not capture the web traffic making the scanning request.

.............note you will not be able to ping the internal machine unless you port forward for ICMP.
 

GoldenCrepe

Prominent
Jan 1, 2020
20
0
520
1
It should not make a difference if you connect to the mesh unit. Performance may not be the best because it is still wifi back to the main router but it should function. The remote units are very simple bridge type of devices they really don't do much other than move data between the ethernet and the wifi radios. I don't think you could filter traffic even if you wanted to.

I would use the DMZ option to start with. Port forwarding rules are messy in some routers. DMZ is pretty simple you only have to get the 1 internal ip correct.

If this still doesn't work then you need to verify that you actually have a public IP. Check the IP you see assigned to the wan interface in the main router. Compare that with a site like whatsmyip. If they IP are different then you do not have a public IP.

If this is all good then you have to determine if the traffic is getting to the pc and it does not respond or the traffic does not get to the pc to start with. The best tool is to use wireshark. This is a brute force capture. It has lots of fancy features but rather than learn this I would just manually try to look though the capture looking for data coming into port 25565. You can either try with your other pc or you can run a port scanners from the internet. I would also do that request from your other pc so you do not capture the web traffic making the scanning request.

.............note you will not be able to ping the internal machine unless you port forward for ICMP.
I have some new information! I tried restarting the router after putting in the port information, then went to WhatsMyIp's port scanner, put in 25565, opened the server, and it said it was open. Ecstatic, I connected to the hotspot from my computer, and it still cannot connect to the server. It gives an io.netty.channel error message which, from what I've heard, means it couldn't connect through to the port.

I couldn't find any DMZ options in the Google Home WiFi section, so I'm not exactly sure what to do about that.

Now, my question: What does this mean? Since whatsmyip.org can connect to the port, does that mean I have a public IP? Is wireshark still useful in this situation?
 
Yes if it works directly you have a public IP.

It is hard to say but it is likely a application issue. So a trick that used to work would be to use the telnet command. I am not sure if you can just use the telnet command. Windows used to require you to turn on/install the command not sure what it does now.

In any case once you get the telnet command do telnet x.x.x.x 25565. You can also do telnet x.x.x.x 25500. A port that is open is slightly different than a port that is not. You are going to have to play with it to tell but it is a simple way to test if a port is open.

You could also try to find a port scan application. What you are trying to do is see if the hotspot is somehow limiting your connection.

Now what I suspect is the port is open but there is still some issue with the application actually using the port.
 

GoldenCrepe

Prominent
Jan 1, 2020
20
0
520
1
Yes if it works directly you have a public IP.

It is hard to say but it is likely a application issue. So a trick that used to work would be to use the telnet command. I am not sure if you can just use the telnet command. Windows used to require you to turn on/install the command not sure what it does now.

In any case once you get the telnet command do telnet x.x.x.x 25565. You can also do telnet x.x.x.x 25500. A port that is open is slightly different than a port that is not. You are going to have to play with it to tell but it is a simple way to test if a port is open.

You could also try to find a port scan application. What you are trying to do is see if the hotspot is somehow limiting your connection.

Now what I suspect is the port is open but there is still some issue with the application actually using the port.
I figured it out! I basically kept troubleshooting with a port checker, and apparently I was connecting to the wrong IP address. I was attempting to connect to the computer instead of the network, and that was my issue. Thank you for sticking with me!
 

ASK THE COMMUNITY