RT-AC86U firewall blocks forwarded ports

halilnevzat

Occasional Visitor
hi, im using asuswrt-merlin 386.7_2 , i use torrent often with Rutorrent, i have a fiber nokia modem provided by my isp, and my router connected to it via LAN cable and runs in a wireless router mode. all ip's is static. my main problem is when i open firewall my forwarded ports gets cut off, i tried to set Inbound Firewall Rules but it didn't work, it didn't even showed up on table. is there a way that i can turn on my firewall and use ports 4100 - 6900 ? thanks for your time.
 

halilnevzat

Occasional Visitor
Modem only or modem/router? What WAN IP is your Asus router getting?
ah forgot to mention, my asus router wan ip is 192.168.1.21 and gets it from my isp modem. but dhcp on asus router starts with 192.168.2.1 and 192.168.2.1 is my asus routers interface, 192.168.1.1 is my isp modems interface, i gave static ip from my isp modem. lastly, i also turned of firewall on my isp modem.

i forwarded desired ports on my isp modem to 192.168.1.21 which is my asus router, and on my asus router i forwarded ports to my desktop-pc static ip address.
 

halilnevzat

Occasional Visitor
ah forgot to mention, my asus router wan ip is 192.168.1.21 and gets it from my isp modem. but dhcp on asus router starts with 192.168.2.1 and 192.168.2.1 is my asus routers interface, 192.168.1.1 is my isp modems interface, i gave static ip from my isp modem. lastly, i also turned of firewall on my isp modem.

i forwarded desired ports on my isp modem to 192.168.1.21 which is my asus router, and on my asus router i forwarded ports to my desktop-pc static ip address.
by the way my torrent client works on router, desktop pc is not the case.
 

Tech9

Part of the Furniture
You're looking at the wrong firewall perhaps. Your Asus router is in double NAT behind the Nokia router. I'm not familiar with your torrent software and the ports it needs open, but the Nokia router perhaps has all ports closed. If you have access to the Nokia settings, place the Asus WAN IP in DMZ.
 

halilnevzat

Occasional Visitor
You're looking at the wrong firewall perhaps. Your Asus router is in double NAT behind the Nokia router. I'm not familiar with your torrent software and the ports it needs open, but the Nokia router perhaps has all ports closed. If you have access to the Nokia settings, place the Asus WAN IP in DMZ.
i will do the DMZ but still, i can use my ports right now but my firewall is disabled, when i enable the firewall on my asus router its kinda disables port forwarding.
 

Tech9

Part of the Furniture
Ah, okay. UPnP in Asuswrt-Merlin 386.7_2 doesn't allow private WAN IP addressed and closes down. Check your router logs for confirmation. I believe it was working properly in Asuswrt-Merlin 386.5_2 firmware. It's the better Asuswrt-Merlin release in my opinion. Check and see if it resolves your issue. Just flash it on top of 386.7_2, no reset is needed. You may need to check and adjust your VPN server settings only, if you have one set.
 

halilnevzat

Occasional Visitor
Ah, okay. UPnP in Asuswrt-Merlin 386.7_2 doesn't allow private WAN IP addressed and closes down. Check your router logs for confirmation. I believe it was working properly in Asuswrt-Merlin 386.5_2 firmware. It's the better Asuswrt-Merlin release in my opinion. Check and see if it resolves your issue. Just flash it on top of 386.7_2, no reset is needed. You may need to check and adjust your VPN server settings only, if you have one set.
if i disable upnp all good then you say huh ? am i correct ?
 

Tech9

Part of the Furniture
Little addition to what I was initially thinking your question is about - if you run services you need accessible from WAN, don't rely on firewall disabled on residential gateways. On my home cable modem/router firewall disabled setting still blocks all access to LAN from WAN. I can't reach my VPN server if my main router's WAN IP is not placed in DMZ or the port is forwarded manually. Many residential gateways just don't allow firewall disabled.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top