cancel
Showing results for 
would you rather see results for 
Did you mean: 
Need help?

Port Forwarding not working, even though ports report as open

Reply
13 REPLIES 13
juliushibert
Chatterbox

I'm unable to get Port Forwarding working on my new HomeHub. I believe I've set it up correctly as using https://portchecker.co/check shows that the ports I need to be open are open.

 

I'm trying to get my the Port Forwarding to work so that I can access a home server remotely. Hass.io using Caddy Proxy & LetsEncrypt

 

I'd found this post and followed the advice in it, but still seeing the same issues. 

KeithFrench
Community Star

This is most likely because you are trying to test it from a device connected locally to your hub, routing out over the internet & back into your router to the forwarded device. This will never work because this traffic, termed loopback traffic, is considered a security risk by all TalkTalk routers and so they block it.

 

You need to test from say a smart phone having disconnected from Wi-Fi & use mobile data. Alternatively, test from a different broadband connection.

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please mark it as the Best Answer.
OCE's and Community Stars - Who are they? 

juliushibert
Chatterbox

Thanks @KeithFrench. I've tried the connection now from my mobile on 4G, however I still can't connect to the server on my network. Is there anything else I can try? 

KeithFrench
Community Star

Send me a screenshot of the port forwarding configuration. It may be a while before I can respond due to being very busy currently.

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please mark it as the Best Answer.
OCE's and Community Stars - Who are they? 

juliushibert
Chatterbox

Thank you @KeithFrench. Here's a screengrab. Screenshot 2019-09-23 at 10.12.50.png

KeithFrench
Community Star

There is definitely nothing wrong with that config at all. Exactly what part of this server are you trying to access & with what type of software? What are you using TCP port 8123 for?

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please mark it as the Best Answer.
OCE's and Community Stars - Who are they? 

juliushibert
Chatterbox

I'm trying to access a local server that runs a webUI on HTTPS. The actual server software port is 8123 on my local network, but the proxy redirects WAN traffic on HTTPS to the local server port of 8123. 

 

I think the issue might be that because the TalkTalk router can't do a loopback then the proxy is unable to resolve the hostname and direct the traffic accordingly? The proxy software on the server manages renewals of HTTPS certificates via LetsEncrypt. And it seems like it's unable to renew them. Presumably because of this lack of lookback / resolving the DYDNS.

KeithFrench
Community Star

What DDNS provider are you using?

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please mark it as the Best Answer.
OCE's and Community Stars - Who are they? 

juliushibert
Chatterbox

DuckDNS. Again this is all being handled by the proxy server rather than the DDNS service on the router.

 

KeithFrench
Community Star

I too use DuckDNS, but via the router utilising the very good dns-o-matic DNS proxy. The router fully supports integration with dns-o-matic. I can provide full config details if required, perhaps you could try that?

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please mark it as the Best Answer.
OCE's and Community Stars - Who are they? 

juliushibert
Chatterbox

Yes please. I can give it a shot.

 

KeithFrench
Community Star

See the attached PDF.

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please mark it as the Best Answer.
OCE's and Community Stars - Who are they? 

juliushibert
Chatterbox

Does this method also do HTTPS renewals via LetsEncrypt? Or is it just DDNS renewal? 

KeithFrench
Community Star

Sorry can't comment on that as I do not use LetsEncrypt. It works perfectly as a DDNS proxy.

Keith
I am not employed by TalkTalk, I'm just a customer. If my post has fixed the issue, please mark it as the Best Answer.
OCE's and Community Stars - Who are they?