Big Port Forwarding issue with new higher speed router! Why such a secret! #@##@#$%

  • Active since 1995, Hearth.com is THE place on the internet for free information and advice about wood stoves, pellet stoves and other energy saving equipment.

    We strive to provide opinions, articles, discussions and history related to Hearth Products and in a more general sense, energy issues.

    We promote the EFFICIENT, RESPONSIBLE, CLEAN and SAFE use of all fuels, whether renewable or fossil.
Status
Not open for further replies.

Don2222

Minister of Fire
Feb 1, 2010
9,110
Salem NH
Hello

It all started when we got a newer HP Pavilion G Series laptop with Windows 7 that had a higher speed WiFi wireless card that could not even stream video off the internet like the much older Toshiba Satellite Lap top! I realize that our old Linksys wireless N Gigabit router WRT310N could not cut the mustard! Therefore I picked up the latest and greatest new Cisco Linksys EA6500 with the AC1750 and all those technical enhancements and newer security kielbasa! That means get ready for a good porkin! Well that did not make the HP work any faster! So we gave the Comcast rented Motorola modem back to Comcast and picked up the new Motorola Surfboard 6141 modem with all the new protocol Whoop-Di-Doos! Well that fixed the problem and the new HP could now upload files and stream video as fast as it was designed and we were happy with the new laptop. Then even though I set the new router up for port forwarding so I can come in off the web with my iphone 5 and see my schedule on our internet web server, the port was closed shut. That was back in March and I was too busy to deal with it so I put back the old router until yesterday!

So yesterday I had the time to roll up my sleeves for the deep dive and as I suspected it was a big ordeal! Yes, I did update the firmware again and still made sure it did not work (current firmware version 1.1.28.147876)! A quick check of the Internet did not reveal much so I called Cisco Phone support which went to those very courteous and polite people in the Philippines. Of course after some lengthy waiting and menu selection, port forwarding and network issues were way over their heads so I was transferred to another company in the Philippines for level two paid support. The assured me it was a configuration problem that they deal with all day and for only approx $100 could do the best they could do to help me fix it with of course no guarantees! As I was spending an hour or so going through all the Hoop-Ti-Hoo. (I cannot use any other language here!) I learned from the internet that this is a serious issue that may be linked to the new security standards.

Here is a guy having the same port forwarding not working problem with his IP web cam, trying to find a solution and also figure out what is going on.
http://community.linksys.com/t5/Wireless-Routers/EA6500-Port-Forwarding-not-working/td-p/587452 > > I upgraded to a 6500 from a e4200

I still do not have a clear link from rebinding attacks to this specific problem however this whitepaper is very clear and concise about the seriousness and how deeply penetrating these dns rebinding attacks can be! > > http://crypto.stanford.edu/dns/dns-rebinding.pdf also see > > http://www.circleid.com/posts/070809_defending_networks_dns_rebinding_attacks/
One of the attacks in the paper where a visited web site by and user's browser on an internal network can retrace the user's route and circumvent the firewall by finding DNS resolution to an internal computer or server. Hence this is why it is called DNS rebinding. Therefore that is the current way that I know of how port forwarding gets you to an internal web server! AhHa, so is there a new way of port fowarding the the new routers like the Cisco Linksys EA6500 and what is the new way and how do you get it to work or is there a big bug? I am sure an answer will be forth coming soon!

So I went thru the possibilities I had to find a solution
1. Return the EA6500 router and keep trying other new ones? - Anyone know if this is a good fix?
2. Go back to the old router I had that will easily port forward to our web server?. - Does not fix the problem
3. Hook up both routers in parallel. - Need another leased IP address from our ISP comcast. Not a very pleasing option! - Probably not free either!
4. Hookup the routers in series.
a. If the new router is 1st and plugged into the cable modem then port routing will not work.
b. If the old router is 1st then will the speed be bogged down like before?

Well as a last gas, I tried 4b. To do this I had to change the static IP address of the old router box so it would not conflict with the new router box.

To our surprise the smaller pipe from the old router to the new router has minimal effect! Probably due to large buffers in the new router and the higher speed technology! After all it is a larger box! See pic below:

So my 2 day ordeal yielded a fix for now. LOL Anyone else have this problem and find a fix? ? ?

Click to Enlarge.
 

Attachments

  • Routers and Modem.JPG
    Routers and Modem.JPG
    132 KB · Views: 327
Can the EA6500 and load DD-WRT firmware on your original WRT-310. The 310N should be plenty fast for what you need. I think the 310s are 'draft N' so it could be a incompatibility between that and the new laptop. Unless you have a screaming fast Internet connection you should be fine running on the A or even G bands if disabling N is an option on the 310.

Cisco did a great job trashing the Linksys product line after they bought them. I do have a bit of bias as I've made my living working with Nortel (now Avaya) networking gear. So yeah, I hate Cisco. :)

I use an old Linksys with DD-WRT to bridge my wireless ISP connection from my barn to the house. Trees and geography wouldn't allow for the antenna on the house. DD-WRT works good and you have the open source community for support. Beats calling Tahiti for support.
 
Can the EA6500 and load DD-WRT firmware on your original WRT-310. The 310N should be plenty fast for what you need. I think the 310s are 'draft N' so it could be a incompatibility between that and the new laptop. Unless you have a screaming fast Internet connection you should be fine running on the A or even G bands if disabling N is an option on the 310.

Cisco did a great job trashing the Linksys product line after they bought them. I do have a bit of bias as I've made my living working with Nortel (now Avaya) networking gear. So yeah, I hate Cisco. :)

I use an old Linksys with DD-WRT to bridge my wireless ISP connection from my barn to the house. Trees and geography wouldn't allow for the antenna on the house. DD-WRT works good and you have the open source community for support. Beats calling Tahiti for support.


Good suggestion, this is the current firmware version on the WRT-310N. What do you mean by DD-WRT?

Firmware Version: v1.00.1Nov 28, 2007
Current Time: Sat, 06 Jul 2013 18:36:28
Internet MAC Address: 00:1F:C6:0F:BD:C8
 
DD-WRT is an open source firmware that works on several consumer grade routers. You can do things like turn an AP into a bridge, increase power, different access lists, etc. it's much more flexible.

Link below. Make sure that your device is compatible before trying to flash it or else you may turn it into a brick.

http://www.dd-wrt.com/wiki/index.php/Linksys_WRT310N_v2.0

I prefer D-Link these days if you needed to get a new router, but others may have different ideas. I have an Apple AirPort at home. Got a good deal on it (free is always good).
 
Ok, Thanks for the info!
 
Hello

It all started when we got a newer HP Pavilion G Series laptop with Windows 7 that had a higher speed WiFi wireless card that could not even stream video off the internet like the much older Toshiba Satellite Lap top! I realize that our old Linksys wireless N Gigabit router WRT310N could not cut the mustard! Therefore I picked up the latest and greatest new Cisco Linksys EA6500 with the AC1750 and all those technical enhancements and newer security kielbasa! That means get ready for a good porkin! Well that did not make the HP work any faster! So we gave the Comcast rented Motorola modem back to Comcast and picked up the new Motorola Surfboard 6141 modem with all the new protocol Whoop-Di-Doos! Well that fixed the problem and the new HP could now upload files and stream video as fast as it was designed and we were happy with the new laptop. Then even though I set the new router up for port forwarding so I can come in off the web with my iphone 5 and see my schedule on our internet web server, the port was closed shut. That was back in March and I was too busy to deal with it so I put back the old router until yesterday!

So yesterday I had the time to roll up my sleeves for the deep dive and as I suspected it was a big ordeal! Yes, I did update the firmware again and still made sure it did not work! A quick check of the Internet did not reveal much so I called Cisco Phone support which went to those very courteous and polite people in the Philippines. Of course after some lengthy waiting and menu selection, port forwarding and network issues were way over their heads so I was transferred to another company in the Philippines for level two paid support. The assured me it was a configuration problem that they deal with all day and for only approx $100 could do the best they could do to help me fix it with of course no guarantees! As I was spending an hour or so going through all the Hoop-Ti-Hoo. (I cannot use any other language here!) I learned from the internet that this is a serious issue that may be linked to the new security standards.

Here is a guy having the same port forwarding not working problem with his IP web cam, trying to find a solution and also figure out what is going on.
http://community.linksys.com/t5/Wireless-Routers/EA6500-Port-Forwarding-not-working/td-p/587452 > > I upgraded to a 6500 from a e4200

I still do not have a clear link from rebinding attacks to this specific problem however this whitepaper is very clear and concise about the seriousness and how deeply penetrating these dns rebinding attacks can be! > > http://crypto.stanford.edu/dns/dns-rebinding.pdf also see > > http://www.circleid.com/posts/070809_defending_networks_dns_rebinding_attacks/
One of the attacks in the paper where a visited web site by and user's browser on an internal network can retrace the user's route and circumvent the firewall by finding DNS resolution to an internal computer or server. Hence this is why it is called DNS rebinding. Therefore that is the current way that I know of how port forwarding gets you to an internal web server! AhHa, so is there a new way of port fowarding the the new routers like the Cisco Linksys EA6500 and what is the new way and how do you get it to work or is there a big bug? I am sure an answer will be forth coming soon!

So I went thru the possibilities I had to find a solution
1. Return the EA6500 router and keep trying other new ones? - Anyone know if this is a good fix?
2. Go back to the old router I had that will easily port forward to our web server?. - Does not fix the problem
3. Hook up both routers in parallel. - Need another leased IP address from our ISP comcast. Not a very pleasing option! - Probably not free either!
4. Hookup the routers in series.
a. If the new router is 1st and plugged into the cable modem then port routing will not work.
b. If the old router is 1st then will the speed be bogged down like before?

Well as a last gas, I tried 4b. To do this I had to change the static IP address of the old router box so it would not conflict with the new router box.

To our surprise the smaller pipe from the old router to the new router has minimal effect! Probably due to large buffers in the new router and the higher speed technology! After all it is a larger box! See pic below:

So my 2 day ordeal yielded a fix for now. LOL Anyone else have this problem and find a fix? ? ?

Click to Enlarge.
your only as fast as your internet connection speed and wrt310 is gigabit on the ethernet ports which i am assuming you have a wired connection between routers..
 
your only as fast as your internet connection speed and wrt310 is gigabit on the ethernet ports which i am assuming you have a wired connection between routers..


Yes there is a wired connection between routers and you are correct, the wrt310 is one gigabit. It is the protocols, compatibility and buffering that also effect the speed which is why the new laptop was not streaming so well. That does explain why this series connection solves my problem. LOL
 
Status
Not open for further replies.