We use cookies on our site to give you the best experience.
Accept
Reject
Manage your cookies
Skip to content
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Broadband help

For queries about your TalkTalk broadband service.

Port Forwarding - ports closed

charliepaterson
Chatterbox
Private Message

on ‎28-08-2023 03:22 PM

Message 16 of 16

I'm trying to set up port forwarding to my home server and struggling.

DNS is all working fine - pinging the domain gets rerouted to the router

 

I have set up port forwarding on the router to direct it to the (reserved) ip of the server

 

However nothing gets through to the server itself, and when using portchecker.co both 80 and 443 are reported as being closed. Is there something else I should be doing to get this working?

0 Likes
15 REPLIES 15

charliepaterson
Chatterbox
Private Message

on ‎29-08-2023 10:27 PM

Message 1 of 16

Yeah it seems like I was running into a pair of issues simultaneously

Activating proxy on cloudflare bypasses the NAT loopback problem, but seems to have some of the rate limiting issues I was having with the tunnels earlier. Guess I need to get a new router if the TT one won't support it natively

Piethorne
Whizz Kid
Private Message TalkTalk

‎29-08-2023 10:10 PM - edited ‎29-08-2023 10:12 PM

Message 2 of 16

I've made and repeated many mistakes over and over when setting up webservers. The 2 most common I've made is not having the server up and running when doing a port check. The second is forgetting about NAT Loopback. After that is not opening the ports on the server and the firewall. As @KeithFrench has said - as long as it's working...

I'm just a customer who might be able to help, not official help & support.
0 Likes

KeithFrench
Community Star
Private Message TalkTalk

on ‎29-08-2023 10:06 PM

Message 3 of 16

Well, I was just going on what you said originally. Still, if it is working now, that's great.

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please set Accept as Solution from the 3 dot menu.
TalkTalk support and Community Stars - Who are they? 

0 Likes

charliepaterson
Chatterbox
Private Message

on ‎29-08-2023 10:04 PM

Message 4 of 16

Hmmm wierdness ensues. Wireshark showed nothing getting through at all on 80 and 443

I restarted the router and now portchecker.co now lists both 80 and 443 as open

This makes me think @Piethorne might be right in it being NAT loopback, I hadn't considered it because of the original port issue

0 Likes

KeithFrench
Community Star
Private Message TalkTalk

on ‎29-08-2023 09:46 PM

Message 5 of 16

No, it is not that @Piethorne the OP says:-

 

"when using portchecker.co both 80 and 443 are reported as being closed."

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please set Accept as Solution from the 3 dot menu.
TalkTalk support and Community Stars - Who are they? 

0 Likes

Piethorne
Whizz Kid
Private Message TalkTalk

on ‎29-08-2023 09:41 PM

Message 6 of 16

NAT Loopback ?

I'm just a customer who might be able to help, not official help & support.
0 Likes

KeithFrench
Community Star
Private Message TalkTalk

on ‎29-08-2023 11:25 AM

Message 7 of 16

The router works fine forwarding these ports, I have rechecked it this morning. I can analyse any Wireshark traces if required.

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please set Accept as Solution from the 3 dot menu.
TalkTalk support and Community Stars - Who are they? 

0 Likes

charliepaterson
Chatterbox
Private Message
In response to KeithFrench

on ‎29-08-2023 11:14 AM

Message 8 of 16

I haven't found anything that would suggest that and many others are able to do what I'm trying using the OS, their support suggested I checked with my ISP - that said I can look into it a bit deeper this evening when I get home from work and double check with them. Should be able to stick Wireshark on it and see if anything gets through.

I have had some success previously using Cloudflare "tunnels" which seem to be akin to a vpn between the NAS and cloudflare, unfotunately they are rate limited which made the usability a bit suspect, and acting like a vpn might be bypassing your suggested blocking.

Will update you when I get a chance to do some testing, if you have any other ideas I can check please let me know! 🙂

0 Likes

KeithFrench
Community Star
Private Message TalkTalk

on ‎29-08-2023 10:53 AM

Message 9 of 16

Thanks for that @charliepaterson.

 

I think that the NAS is blocking access to connections coming into it from any other IP network, apart from its local network of 192.168.1.0, by default. Is there anything in the NAS documentation and or support website to confirm or deny this? If it is disabled by default, you will need to find out how to enable access from other networks.

 

It is easy to find out if TCP ports 80 & 443 are open, but the NAS would appear to be going a stage further by checking the IP packet's source IP address as well. If you can install Wireshark on the Linux part, that would prove it.

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please set Accept as Solution from the 3 dot menu.
TalkTalk support and Community Stars - Who are they? 

0 Likes

charliepaterson
Chatterbox
Private Message
In response to KeithFrench

on ‎29-08-2023 09:00 AM

Message 10 of 16

The NAS is a self contained unit, I do have access to it (it's in the attic) and the web ui is pretty comprehensive in terms of things I can change - and includes a shell terminal for fiddling with the linux based OS directly.

 

It runs "apps" including Jellyfin/Plex which are what I'm more interested in accessing remotely than the web UI itself - it has an internal reverse proxy so if mydomain.com points to the server itself, jellyfin.mydomain.com will be rerouted to the jellyfin app and let me stream my movies outside of the house. Similarly with HomeAssistant so I can check my dashboard remotely, host a vpn so I can play LAN games with friends, stuff like that

0 Likes

KeithFrench
Community Star
Private Message TalkTalk

on ‎29-08-2023 08:39 AM

Message 11 of 16

Thanks for that, it is all OK. I think I know what the problem is, but I want to make sure I understand what you want to do.

 

Is this NAS a self contained unit, running it's own operating system, which you have no direct access to? You can only change certain things within its browser interface & it is this that you want to access remotely?

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please set Accept as Solution from the 3 dot menu.
TalkTalk support and Community Stars - Who are they? 

0 Likes

charliepaterson
Chatterbox
Private Message
In response to KeithFrench

on ‎28-08-2023 06:13 PM

Message 12 of 16

Thanks for helping

 

  • Subnet mask: 255.255.255.0
  • DNS server address: 1.1.1.1 and 1.0.0.1 (cloudflare)
  • Default gateway address: 192.168.1.1 (router IP)
0 Likes

KeithFrench
Community Star
Private Message TalkTalk

on ‎28-08-2023 06:01 PM

Message 13 of 16

What are the following set to on the network card of the NAS:-

 

  • Subnet mask
  • DNS server address
  • Default gateway address?

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please set Accept as Solution from the 3 dot menu.
TalkTalk support and Community Stars - Who are they? 

0 Likes

charliepaterson
Chatterbox
Private Message

on ‎28-08-2023 04:18 PM

Message 14 of 16

@KeithFrench 

It's running TrueNAS Scale - no additional firewalls as far as I can tell

It has a static IP of 192.168.1.38 - and I can access the web UI on that ip address just fine from within the LAN

0 Likes

KeithFrench
Community Star
Private Message TalkTalk

on ‎28-08-2023 03:50 PM

Message 15 of 16

There is nothing wrong with your rules. What sort of device is hosting your server? Does it have its own firewall (do not touch the router's firewall)? If so, have you allowed the two ports through that firewall? Is your web server bound to this 192.168.1.38?

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please set Accept as Solution from the 3 dot menu.
TalkTalk support and Community Stars - Who are they? 

0 Likes
© TalkTalk 2024