Port Forwarding Asus RT-AC68U Router Running Merlin Firmware Version: 384.14_2

  • ATTENTION! As of November 1, 2020, you are not able to reply to threads 6 months after the thread is opened if there are more than 500 posts in the thread.
    Threads will not be locked, so posts may still be edited by their authors.
    Just start a new thread on the topic to post if you get an error message when trying to reply to a thread.

un4gettable47

New Around Here
Hi, I was having much trouble getting portforward.com's port checker tool to confirm that any single port was open at all. I have an Actiontec GT701D in transparent bridge mode, and a RT-AC68U router running Merlin's Firmware Version: 384.14_2

I have a dsl internet connection.

I already assigned a static IP under LAN/DHCP Server/Manual Assignment. I also forwarded many ports under WAN/Virtual Server / Port Forwarding. But when I realized with the port checker tool that they were not confirmed to be opened on my PC, I deleted them all and began testing to try and get a single 80 tcp port to confirm opening.

I am trying to learn how to forward ports properly for my brother's PC. I have seemingly enough had success forwarding ports for my xbox 360 using the methods above, and the connections quality on Gears of War 2 Online improved substantially, feeling host-like most games right here in 2020. There is no way I know of to check if ports forwarded properly to a console, but I could tell they the port forwarding was working with how quickly I found matches, and with how good the connections were.

So anyways, I could not figure out why the same method was not working on PC; until, I finally decided to temporarily disable avast along with windows firewall. And finally, the port was confirmed open. I am pretty sure avast had nothing to do with it, it was the windows firewall that was the issue. So my question is, what is the best and safest way to get these ports through the firewall? I found in advanced settings for windows firewall, that there is inbound and outbound rules. And I can create a new rule for a tcp and or udp ports. Is this the proper way to give these ports access through the firewall or am I off base? Is this a security risk? Thanks for your time.

Edit: I just tried making and inbound/outbound rule to allow port 80 tcp, port checker says the port is closed still?
 
Last edited:

ColinTaylor

Part of the Furniture
Don't forward ports manually. Enable UPnP on the router and let the application forward ports automatically as and when it needs them. The application should take care of any Windows Firewall rules if it needs to.

EDIT: Also check that the router's WAN interface actually has a public IP address and not a private one.
 

un4gettable47

New Around Here
Don't forward ports manually. Enable UPnP on the router and let the application forward ports automatically as and when it needs them. The application should take care of any Windows Firewall rules if it needs to.

EDIT: Also check that the router's WAN interface actually has a public IP address and not a private one.

I have found that for an old 360 game like Gears 2, it needs perfect internet setup otherwise I have trouble finding people in matchmaking during active hours; and when I do get into a game connection is lacking. After forwarding ports manually I simply feel like I am the host of the match, even though I am not. It's great and best internet setup I have ever had. It's much better for some reason, even better than when I use to put my console in DMZ. I am just looking to do the same for my brothers PC regarding manually forwarding ports. upnp seems weak. I have a WAN IP of 70.xx.xxx.xx

Thanks man.

And either way I have kept upnp enabled.
 

ColinTaylor

Part of the Furniture
It's much better for some reason, even better than when I use to put my console in DMZ.
Placebo. DMZ is exactly the same as manual port forwarding but with "all ports" specified.

I am just looking to do the same for my brothers PC regarding manually forwarding ports. upnp seems weak.
Don't put your brother's PC's security at risk trying to fix a problem that doesn't exist. Manually forwarded ports are open all of the time and allow anyone to connect. That's one of the reasons why UPnP is better because the application can remove its forwarding rules when it doesn't need them any more.
 

un4gettable47

New Around Here
hmmm.. The reason I haven't tried DMZ for my console this time around on current setup, is because with other users on the network, I assumed they would interfere with a console that is suppose to be having all traffic priority. I mean to say that all packets would be analyzed by the console in DMZ making it heavy. With port forwarding specific packets are analyzed and open. That is just how i think it works, not how I know. I am no expert. But in the past, now come to think of it, it was with same router and modem, different firmware, and different isp. I had my console in DMZ, and it was a very lacking connection compared to what I get now. And don't think I will bother with DMZ due to my theory of how it works, and my connections ain't broke, so I am not going to try and fix it.

We have two slower speed dsl internet connections in the same house. We were using one line to both game on, but his gaming was interfering with mine because I play a very finicky game that is notorious for lag if conditions aren't just right. Some of the games he plays upload at half our upload cap, and this lags me for sure. So my setup is just fine so long as that it's dedicated to me. When I am gaming he doesn't see any negative effects on his games. But at this point I am hardly willing to attempt gaming when anyone is downloading or gaming on the internet, and he is on alot.

As for the second line, he is now connected to that one instead, but he is experiencing some high ping issues with that line on certain games for reasons unknown. I don't think he had a problem on the 1st line, so it could be a issue with the dsl line for the 2nd. But I thought I'd try port forwarding, only if I can do it safely. idk
 

Stevens243

Regular Contributor
Don't forward ports manually. Enable UPnP on the router and let the application forward ports automatically as and when it needs them. The application should take care of any Windows Firewall rules if it needs to.

EDIT: Also check that the router's WAN interface actually has a public IP address and not a private one.
Wait, that matters here? Mine is set to a private address now. Should it be using that, the ISP assigned one or a DDNS IP?
 

ColinTaylor

Part of the Furniture
Wait, that matters here? Mine is set to a private address now.
For most people it doesn't matter. It's only a concern if you have devices on the internet that need to remotely connect to your LAN. This can be a problem for gamers trying to use "team speak".
 

Stevens243

Regular Contributor
Ah, got it. I don't "game" here and I do not require WAN or VPN access to my network.
 

un4gettable47

New Around Here
I did a little research a some information for anybody wanting to port forward: There's no getting around this one – UPnP assumes local programs are trustworthy and allows them to forward ports. If malware not being able to forward ports is important to you, you'll want to disable UPnP.Oct 24, 2019 More info here: https://www.howtogeek.com/122487/htg-explains-is-upnp-a-security-risk/

However, I keep upnp enabled because I try to keep my PC's malware free obviously. Next I figured out what the problem was and it is a simple fix, my wifi connection I was testing the port forwarding out on was set to public, i changed it to private (because I am on my home network) and the few test ports I had forwarded were showing as open simple and easy. Port Check Result: Your port is open on this computer! Info on how to change your network from public to private (recommended for your home/trusted network only): https://www.groovypost.com/howto/change-network-profile-public-private-windows-10/

I don't know whether or not if you are automatically on a private network connected via Ethernet, but if not, you will have to change to private.

No inbound/outbound firewall port rules needed, at least so says my port checker tool. If my brother continues to have issues I will have to forward some ports.

Also I did test out DMZ again on current setup for my xbox 360, and connection was lacking compared to Port Forwarding, go figure. Another note is that not all hardware functions equally, I bought second used actiontec modem and a second new ac68u router running the same firmware. Connections are good don't get me wrong; but on my other older actiontec modem and ac68u router that were both bought new years ago, connection quality is even better consistently. I bought another brand new actiontec modem on amazon(dot)ca to see if I can replicate superior connection quality of my old setup (it's in the mail). Thanks peeps.

If I miss any ports to open, upnp will be a decent backup.
 
Last edited:

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top