Broadband help

Hi Karl,

I can only test with V4.00 hardware as that is all I have at my disposal. However, the only hardware version-related bugs I have found are related to "invalid IP address" error messages. I have asked @midders to consider using Wireshark with my help, this would categorically prove if the port forwarding is working or not. However, I really doubt that it would not work, as he also tried putting his server in the DMZ and it didn't work there either.

Thanks @Karl-TalkTalk I thought that it would be. In that case, there are no problems whatsoever in forwarding these ports via the router/firmware combination, unless there is a weird hardware-related issue, which if so, I have never seen. Can you tell me the hardware revision remotely?

Hi @Debbie-TalkTalk 

What firmware is on the 5364 of @midders? I have proved that the 5364 V174 forwards these ports perfectly.

Hi @midders 

If it was the router, then changing it for another as you did, surely is a good indication that it is not the router, unless it has had a firmware update recently.

I have also tested all of these ports using the same router & firmware version as you, on both Windows & Linux PCs and they work perfectly. If your server is the VPN client, then port forwarding has no effect & the IP address allocated to it, comes from the DHCP address pool that the VPN server allocates from, once the connection is established.

The next step is to prove beyond any doubt what the problem is, by taking a Wireshark trace on your server. I can analyse this for you. If you are unfamiliar with using Wireshark, I can send you a guide on doing that.

The server is a VPN client, ufw is setup for all the required ports. As I mentioned before EVERYTHING WAS WORKING FINE before the router died.

Since the only thing that has changed is the router, that has to be at fault.

Hi @midders 

I have just tried all ports in Linux Mint having first added them to the GUI version of ufw and they work fine.

Whilst I cannot exactly replicate your setup, I will also test this on a Linux Mint installation that I have tomorrow.

You will need to add rules for the ports in ufw. With the VPN is the Ubuntu the VPN server? Assuming it is, then the Ubuntu should not allocate the same IP address to different NICs. There is nothing that TalkTalk can change behind the scenes to affect this.

My first action would to rectify why the server is allocating the IP address wrongly.

Thanks for your efforts, my server is running Ubuntu 22 LTS, has dual NICs (...94, and ...104) one setup for VPN and the other without for remote access. I'm running ufw firewall and surfshark VPN but have tried disabling both to get remote access working.

It was all working perfectly before the router died, and the only thing that has changed is the router... or are there other settings that talktalk can tweak behind the scenes?

The router doesn't recognize the dual NICs correctly, giving them both the same IP, but the old one did the same thing and still worked. The server shows the correct IPs.

I played around with the Draytek router last night and am about ready to test it. Fingers crossed.

Slàinte

Mark

Hi @midders 

These are the port forwarding rules I set up:-

My PF rules

From here I tested both TCP & UDP port 53665, whilst opening port 22 as either TCP or UDP and they worked the first time. I have only shown the results for the TCP test, as I use my own testing application for UDP:-

TCP port 53665 result

Then I tested TCP port 57518 and that was fine as well:-

TCP port 57518 result

Please can you respond to my questions concerning your server, when you get a chance?

Thanks.

Hi @midders 

I would strongly recommend that you disable UPnP as it is very insecure.

There is nothing else wrong with the PF rules. Please ensure that the device is not in the DMZ any more and set the firewall back to medium. I will double check that these ports forward OK this afternoon.

Tell me more about this server. What OS is it, does it have a firewall and how are you testing this?