Invalid IP when trying to set up passthrough

[Brad Isaac]

Hi all,

I have an ASUS RT-AC68P. Today I went to set an inbound firewall rule which would enable port 3389 access from my office IP to my internal home PC. Every time I try it, I get an error: 192.168.1.231 is not a valid IP address! I used Logmein to verify that 192.168.1.231 is my computer's local IP address.

When I look under network map, yep, my home PC is listed as 192.168.1.231.

What's going on with this? Any way for me to get this working?

 

[CaptainSTX]

What you are trying to do is a terrible idea from a security standpoint. What you should do instead is set up a VPN server on your router.

However if you want to login to your home PC from the office you can't use its private LAN IP you need to try to connect to your public WAN IP on the router. Then it can be forward it to your PC.

Before you try this high risk activity be sure to have complete backup of your PC and make sure your passwords are SUPER secure. Be prepared for the attack of the zombie BOTs!

FYI: Today in fourteen hours Skynet has blocked twenty one probes of Port 3389 on my router.

 

[OzarkEdge]

Hi all,

I have an ASUS RT-AC68P. Today I went to set an inbound firewall rule which would enable port 3389 access from my office IP to my internal home PC. Every time I try it, I get an error: 192.168.1.231 is not a valid IP address! I used Logmein to verify that 192.168.1.231 is my computer's local IP address.

When I look under network map, yep, my home PC is listed as 192.168.1.231.

What's going on with this? Any way for me to get this working?

You may need experienced advice to avoid exposing your home LAN to the Internet.

However, I can comment that 192.168.*.* are intended for internal LAN use and can not be routed on the Internet.

OE

 

[Brad Isaac]

Hi all, thanks for the concern. I was only going to manually open 3389 at small intervals to run some autohotkey scripts from home so I'm not tying up my office PC. Logmein doesn't record keystrokes as well as RDP. I'm aware of the threats on 3389 and how easy it is to hack. I don't have 3389 open on any of my business client networks nor would I. Again, I'd be actively monitoring the PC during all times 3389 is open. When I'm done, I'll close it.

I found the Port forwarding setting. I was looking for NAT.

Out of curiosity, if you lock the originating IP as the only IP which has access to the home RDP port, do you still consider it a risk? I still turn it off when I'm done because that port gives me the creeps. But I did Metasploit scans from inside and outside my Office network. Inside my network, the RDP port is showing open, but outside my office on LTE, it is showing no ports open on my home network. What risks are there with that? Just trying to learn... TIA