Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[JOHIRSH]

I am trying to get a L2TP/IPSEC VPN going on one of my servers behind the DIR655 router

I have used Port Forwarding and Virtual Server and neithere seem to allow these ports to be open


in either situation a port scan shows the ports closed..My ISP (Comcast) does not block these ports



any suggestions?

[FurryNutz]

Link>Welcome!
What Hardware version is your router? Look at sticker under router.
Link>What Firmware version is currently loaded? Found on routers web page under status.
What region are you located?

What ISP Service do you have? Cable or DSL?
What ISP Modem Mfr. and model # do you have?
Link>Checking MTU Values

Some things to try: - Log into the routers web page at 192.168.0.1. Use IE, Opera or FF to manage the router.
Turn off ALL QoS or Disable Traffic Shaping (DIR only) GameFuel (DGL only and if ON.) options. Advanced/QoS or Gamefuel.
Turn off Advanced DNS Services if you have this option under Setup/Internet/Manual or under Setup/PARENTAL CONTROL/Set to>None: Static IP or Obtain Automatically From ISP.
Enable Use Unicasting (compatibility for some ISP DHCP Servers) under Setup/Internet/Manual.
Turn on DNS Relay under Setup/Networking.
Setup DHCP reserved IP addresses for all devices ON the router. Setup/Networking. This ensures each devices gets its own IP address when turned on and connected, eliminates IP address conflicts and helps in troubleshooting.
Ensure devices are set to auto obtain an IP address.
If IPv6 is an option on the router, select Local Connection Only or Disable IPv6 options under Setup/IPv6.
Set Firewall settings to Endpoint Independent for TCP and UDP under Advanced/Firewall.
Enable uPnP and Multi-cast Streaming under Advanced/Networking. Disable uPnP for testing Port Forwarding rules.
Turn off WISH, and WPS under Advanced.
WAN Port Speed set to Auto or specific speed? Some newer ISP modems support 1000Mb so manually setting to Gb speeds can be supported by the router. Advanced/Advanced Networking/WAN Port Speed
Set current Time Zone, Date and Time. Use an NTP server feature. Tools/Time.

[JOHIRSH]

I am using a motorola modem unsure of model as it is a remote installation

the router is HW Version B1  Firmware Version 2.00NA


setttings are as you stated

Comcast is a cable company and does not block these 4500 or 500

[FurryNutz]

We'll need the modem model information unless you are fully sure that the modem is a stand alone modem with out a built in router.

If this modem has a built in router, it's best to bridge the modem. Having 2 routers on the same line can cause connection problems.
Double NAT
To tell if the modem is bridged or not, look at the routers web page, Status/Device Info/Wan Section, if there is a 192.168.0.# address in the WAN IP address field, then the modem is not bridged.
If the modem can't be bridged then see if the modem has a DMZ option and input the IP address the router gets from the modem and put that into the modems DMZ.

If you are using Port Forwarding, ensure the uPnP setting is disabled.
You might try setting up Virtual Server vs using PF.

[JOHIRSH]

I am 75% certain it is a motorola Surfboard SB6120   I am certain it has no router

[FurryNutz]

Good modem...ya, no built in router.

[JOHIRSH]

I have tried Virtual server and PF both with no success

[FurryNutz]

Set Firewall settings to Endpoint Independent for TCP and UDP under Advanced/Firewall.
Disable uPnP for testing Port Forwarding rules?

[JOHIRSH]

did all the the things you told me to in the first post

[FurryNutz]

Lets give this a try:
Download the 2.10NA fw directly from DLinks web site and unpack the .zip file.
Then follow this please:
FW Update Process

After that has been process, set up the router from scratch and use either Virtual Server or PF. If you use PF, make sure uPnP is disabled.

Setup IP reservations ON the router. Devices set to Auto IP addresses.
NAT Endpoint Independent.

[JOHIRSH]

hmm its a remote location.. I will be there in two weeksw and can do that then  i feel that teh reset will make the router unavailable to me

it also will ive me the option to replace it too

[FurryNutz]

Ya, if you have remote option enabled, resetting or FW update will make the option disabled.

Suggestion:
One thing you can do, if you get to the remote site and if there is a PC connected on the other side. Install Teamviewer or some similar remote access program on the PC. Now if the router remote control gets disabled by a factory reset or FW update, you can log into the remote control program on the connected PC and then gain access to the router long enough to enable the on board remote option on the router to enable it.

I use Teamviewer all the time to help review router settings and when I don't have direct remote access to the router. You'll just need to leave the remote access control program running all the time as your back up if you need this suggestion.

Keep us posted on how it goes.

[JOHIRSH]

I am using Logmein....  i have several mac on the "otherside"    but if I reset the router  (and it is my main router)  won't it block access even though the Mac are static IPs??

[FurryNutz]

It should not block I believe. If Logmein uses simple HTTP authentication and connections with out any configurations of ports, then if the router is reset to factory defaults, that application should still work afterwards. I don't have any experience with that application. I do know that TV is fairly simple and doesn't need any port configuration. Why some of use use it as a back door access to the router should something like this happen to the router. Ya, if there is a problem with the WAN side, router or PC, then of course, remote connection will be a problem.

[JOHIRSH]

hmmmmmm     no port config required for Logmin


what I might try is to update my DIR 655 at my current location

I can come in from my remote location.. if i can still gain access then i can do the remote

if i can;t I at least can undo the damage

actually sounds like kind of fun  .  throw a match and see if it burns