ASUS GT-AC5300 Turning on Port Forwarding Shuts down Management

K-teach

Occasional Visitor
I recently purchased an ASUS GT-AC5300. Great initial thoughts and enjoying the detail in customization. However, I have run into a simple, yet show stopping problem. Every time I toggle “Enable Port Forwarding” on, it goes through some loading animations, says “Complete” but the Complete never leaves the screen. Then, if I reload I cannot access the web management console. Also, I can no longer reach the router through a Mobile app.

I have factory reset and done this three times. Each time the same, after “Complete” nothing happens and I cannot in anyway manage the router. My firmware is Version 3.0.0.4.384.82037. Any help or tips where to look would be appreciated. Thank you.
 

OzarkEdge

Part of the Furniture
I recently purchased an ASUS GT-AC5300. Great initial thoughts and enjoying the detail in customization. However, I have run into a simple, yet show stopping problem. Every time I toggle “Enable Port Forwarding” on, it goes through some loading animations, says “Complete” but the Complete never leaves the screen. Then, if I reload I cannot access the web management console. Also, I can no longer reach the router through a Mobile app.

I have factory reset and done this three times. Each time the same, after “Complete” nothing happens and I cannot in anyway manage the router. My firmware is Version 3.0.0.4.384.82037. Any help or tips where to look would be appreciated. Thank you.

You could try the latest firmware:

ROG Rapture GT-AC5300 | Gaming Routers|ROG - Republic of Gamers|ROG USA (asus.com)

Definitely reset it before configuring it.

OE
 

K-teach

Occasional Visitor
Of course! Interesting, when this started on the weekend, I was using the latest firmware. I will report back if it works or not. Thanks.
 

z3razerviper

Occasional Visitor
I have been having the same issue with just about everything on the latest firmware. Even after rolling back its doing it. The latest firmware has tons of problems and it seems to even cause problems when rolling back.
 

L&LD

Part of the Furniture

z3razerviper

Occasional Visitor
Thank you after using the Firmware Restoration Utility everything seems to be working fine with the roll back. I wonder how it does different than the web client.
 

K-teach

Occasional Visitor
Odd. So now I can "enable port forwarding". In the sense of clicking the the switch and adding profiles, without the router web console crashing. However, they do not work. By that I mean I can access the ports directly on my lan, but when I try my external IP on those ports, they do not map through to the internal ports. I am using the latest firmware. Any ideas?
 

z3razerviper

Occasional Visitor
Odd. So now I can "enable port forwarding". In the sense of clicking the the switch and adding profiles, without the router web console crashing. However, they do not work. By that I mean I can access the ports directly on my lan, but when I try my external IP on those ports, they do not map through to the internal ports. I am using the latest firmware. Any ideas?
What firmware are you on?
 

drabisan

Very Senior Member
Odd. So now I can "enable port forwarding". In the sense of clicking the the switch and adding profiles, without the router web console crashing. However, they do not work. By that I mean I can access the ports directly on my lan, but when I try my external IP on those ports, they do not map through to the internal ports. I am using the latest firmware. Any ideas?
I'm not sure what you mean by "I try my external IP on those ports, they do not map through to the internal ports".
It works on my GT-AC5300 running 9.0.0.4.386_41994. It always worked since I bought this router. First and foremost: make sure you have a public IPv4 address. If your ISP does something weird (DSLight or other similar crap). If you get a public IPv4 address on WAN interface, you go ahead. If it's a private IP address, you'll have to turn ISP device into bridge mode.
If you only have IPv6 address on WAN...that's a hard one!

Simple test is to have on LAN an SSH server. And add a simple profile that maps external port 22 to an internal IP to port 22 . Then ssh from your LAN or from outside to public IP port 22.
Don't start by mapping complex apps like FTP or VoIP. Even Apache may be tricky to configure if you don't know exactly what you do.
You can even configure router's firewall to log accepted packets.
Delete the above rule once it's working. Otherwise you'll end up with plenty of automated scans!
 

Attachments

  • Screenshot from 2021-02-17 12-16-32.png
    Screenshot from 2021-02-17 12-16-32.png
    33.2 KB · Views: 69

K-teach

Occasional Visitor
I'm not sure what you mean by "I try my external IP on those ports, they do not map through to the internal ports".
It works on my GT-AC5300 running 9.0.0.4.386_41994. It always worked since I bought this router. First and foremost: make sure you have a public IPv4 address. If your ISP does something weird (DSLight or other similar crap). If you get a public IPv4 address on WAN interface, you go ahead. If it's a private IP address, you'll have to turn ISP device into bridge mode.
If you only have IPv6 address on WAN...that's a hard one!

Simple test is to have on LAN an SSH server. And add a simple profile that maps external port 22 to an internal IP to port 22 . Then ssh from your LAN or from outside to public IP port 22.
Don't start by mapping complex apps like FTP or VoIP. Even Apache may be tricky to configure if you don't know exactly what you do.
You can even configure router's firewall to log accepted packets.
Delete the above rule once it's working. Otherwise you'll end up with plenty of automated scans!
Thank you for your more detailed response. I have mapped external to internal for a number of years here across a few routers. To give you an idea I sometimes need to test a webserver. So, on a linux box inside my house, I spin up a site and host it on the default "80". I then access the website when offsite by using my external IP on port 80 (It changes incredibly rarely) or, through duckdns, dyn, noip, netgear(if that is my current router), etc. My ISP device is in bridge mode.

My problem is very specific to this router. Which is new to me. I enjoy it a lot, but oddly have had issues forwarding external ports into my LAN. I cannot explain why. First, I had the crashing issue, which I could only come back from by hard restting the router. Thankfully since firmware 3.0.0.4.386_41793 I can at least toggle on the "enable port forwarding" swtich. Which is positive progress! Now, I just get nothing. So I can forward ports to my cameras, ports to my linux boxes serving websites, ports of any number to any device inside the lan and they do not "show" when I am outside my LAN. I can access all of those ports/services while inside so I know the service is working and my servers are resonding to a request on that port. However, the router is not passing on a request from the public IP:port into the internal IP:port.

I tried disabling the firewall thinking maybe it was a conflict there. Even with no firewall enabled, I get nothing.
 

ColinTaylor

Part of the Furniture
Double-check that your router's WAN IP is still a public one and not a CGNAT address, e.g. 100.x.x.x.

You can check whether the port forwarding rules have been applied successfully at System Log - Port Forwarding.
 

K-teach

Occasional Visitor
Definately a public IP. I cleared the log, then turned port forwarding off. Then turned it on. I have attached the short log. The only thing I saw related to port mapping were these two lines:

Feb 18 18:03:58 miniupnpd[6435]: Unauthorized to remove PCP mapping internal port 23749, protocol TCP
Feb 18 18:03:58 miniupnpd[6435]: Unauthorized to remove PCP mapping internal port 23749, protocol UDP

Which is are not the ports I have mapped. I have simply port 80 and port 443 mapped.
mapped ports.png
 

Attachments

  • log_feb18.txt
    331.6 KB · Views: 74

ColinTaylor

Part of the Furniture
But what do you see under System Log > Port Forwarding (not System Log > General Log)?
 

drabisan

Very Senior Member
Do you have "Enable Web Access from WAN" active? It's under Administration->System.
Try mapping a less known port and forward it to an active internal service. I don't know, maybe Asus internally is not allowing 80 and/or 443...
 

K-teach

Occasional Visitor
But what do you see under System Log > Port Forwarding (not System Log > General Log)?
Sorry. Yeah, I guess that would be better. Um. Under the port forwarding tab it has this? I blacked out two ports as those must go to my two plex servers. However all the others listed go nowhere. Like to an internal IP of an old server. What aren't my ports listed here!
 

Attachments

  • ports current.png
    ports current.png
    58.1 KB · Views: 66

ColinTaylor

Part of the Furniture
Sounds like there's still something messed up with your router's NVRAM if it's showing stuff that you had previously setup. After you installed your current firmware did you remember to do the factory reset?
 

K-teach

Occasional Visitor
Um, well, I did the "pin" push reset. Is that not a factory reset? If not, I guess I will do all of that this weekend. Odd I have had such problems, but great if that fixes it. The two Plex ports, just FYI are for current machines. Only configures AFTER the new firmware.
 

ColinTaylor

Part of the Furniture
Yes the pin reset should have worked. Try again but this time use the option in the GUI at Administration > Restore/Save/Upload Setting and check the "Initialize all the settings" box before clicking the "Restore" button. And of course, don't reload settings from a saved backup file.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top