What's new

Sometimes port forwarding stop working for a while

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

graczu

New Around Here
Firmware: 384.6
Router:
RT-AC66U_B1

I have strange problem with port forwarding, i set up port forwarding to my local server ( ubuntu ) ( ports 80, 2222 ssh, and some others ) and some times in a day portforwarding stop working and start working after a 15 minutes or one houer, i can't access those ports thru public IP ( over lan everything is working ). Public IP is working too i can connect VPN server that is set up on Asus Router, i can connect router SSH, after i connect to VPN i see that everything over lan on ubuntu Server is working good.

When problem exists ( right now :) ) i checked iptables ( iptables -t nat -L -n ) on asus router and it's look ok :

Code:
Chain VSERVER (2 references)
target     prot opt source               destination
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:443 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:2222 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22000 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:4190 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:587 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:465 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:25 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:143 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:993 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:28960 to:192.168.10.50
DNAT       udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:28960 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:9443 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:30080 to:192.168.10.50

i checked log's and in logs i dont see any strange informations that something is changed with firewall or port forwarding.

( on ubuntu server i dont use any firewall, all ports are exposed, over lan everything is working on ubuntu server, ip is static, and is static assigned on router too, no other hardware over lan use that IP or MAC, ubuntu server is connected to router by 5e patchcord )

After router reboot it's starting working in about 3 - 5 minutes. Without restart it's about 15 minutes to 60 minutes. I tried re apply port forward rules but it dosent help.

Any one else have those problems too and maybe have a solution?
I dont remember if this problem started on current firmware or previous. ( i think on current )
 
A port forward is either configured or not, it's not something that can stop or start functionning randomly. Make sure the issue isn't your DDNS taking too long to get updated.
 
Firmware: 384.6
Router:
RT-AC66U_B1

I have strange problem with port forwarding, i set up port forwarding to my local server ( ubuntu ) ( ports 80, 2222 ssh, and some others ) and some times in a day portforwarding stop working and start working after a 15 minutes or one houer, i can't access those ports thru public IP ( over lan everything is working ). Public IP is working too i can connect VPN server that is set up on Asus Router, i can connect router SSH, after i connect to VPN i see that everything over lan on ubuntu Server is working good.

When problem exists ( right now :) ) i checked iptables ( iptables -t nat -L -n ) on asus router and it's look ok :

Code:
Chain VSERVER (2 references)
target     prot opt source               destination
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:443 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:80 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:2222 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:22000 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:4190 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:587 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:465 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:25 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:143 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:993 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:28960 to:192.168.10.50
DNAT       udp  --  0.0.0.0/0            0.0.0.0/0            udp dpt:28960 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:9443 to:192.168.10.50
DNAT       tcp  --  0.0.0.0/0            0.0.0.0/0            tcp dpt:30080 to:192.168.10.50

i checked log's and in logs i dont see any strange informations that something is changed with firewall or port forwarding.

( on ubuntu server i dont use any firewall, all ports are exposed, over lan everything is working on ubuntu server, ip is static, and is static assigned on router too, no other hardware over lan use that IP or MAC, ubuntu server is connected to router by 5e patchcord )

After router reboot it's starting working in about 3 - 5 minutes. Without restart it's about 15 minutes to 60 minutes. I tried re apply port forward rules but it dosent help.

Any one else have those problems too and maybe have a solution?
I dont remember if this problem started on current firmware or previous. ( i think on current )

what's the arp table look like when its not working?
 
A port forward is either configured or not, it's not something that can stop or start functionning randomly. Make sure the issue isn't your DDNS taking too long to get updated.

I dont use DDNS, i have static public IP.

what's the arp table look like when its not working?

I will check on next issue time. Wasnt think about to check, but when i connect to OpenVPN ( becouse im at office ) i see my ubuntu server normall over lan at 192.168.10.50, can enter all ports.
 
I dont use DDNS, i have static public IP.



I will check on next issue time. Wasnt think about to check, but when i connect to OpenVPN ( becouse im at office ) i see my ubuntu server normall over lan at 192.168.10.50, can enter all ports.

When you are using openvpn, you are getting a local ip address which is not the same as port forwarding. Port forwarding in these routers typically would do a dst nat with the source being the original routable address. what does the ifconfig for the ubuntu server look like? you have a static ip and specified default gateway and subnet?

You are sure that you aren't in an office location where a nextgen firewall may be blocking applications or unknown ports? Most nextgen firewalls have been setup to only inspect non-encrypted traffic.

For example, my office blocks rdp outbound, but if i map my port forwarding to route incoming 443 to the server on port 3389 ... the firewall will view it as encypted 443 traffic and let me through.
 
TCP connections limit
"
You are sure that you aren't in an office location where a nextgen firewall may be blocking applications or unknown ports? Most nextgen firewalls have been setup to only inspect non-encrypted traffic.

For example, my office blocks rdp outbound, but if i map my port forwarding to route incoming 443 to the server on port 3389 ... the firewall will view it as encypted 443 traffic and let me through."

At office i have same router with asus merlin in the same version, i check from a LTE connection on phone AND UBUNTU SERVER is accessible and it's working, it's loking like something limiting connections on port forward at my home asus router, is this possible, that there is something that limiting connections on forwarded ports on asus merlin?

In administration i see my connections with my ubuntu on port forward. So it's working it's loking like some connections limit?

So im sure it's something like a connections limit.


--

After some time, i can connect ( without router restart, router restart kills all connections so it's closing all ). At office my phone, 3 PC making connections with nextcloud on my ubuntu server so i thing them making a lot of connections. And then router is limiting this, but i dont see and options in firewall to change it.


In Tools the: TCP/IP settings -> TCP connections limit is: 300000
 
Last edited:
If its working on LTE and not in your office then i would look to the ISP at your office or the router of your office for the next troubleshooting steps.
 
It was Mailcow mail server banning whole network ( bad password on my phone to mail TROLOLOLOL ), sorry my bad, with routers and merlin wrt everything is just fine :)

Please kill this thread :)
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top