Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Port forwarding headache 2

Status
Not open for further replies.

MoLaker

Programmer
Apr 30, 2004
521
US
I have a rather convoluted Internet connection and can't get port forwarding to work - need help.

I have a Verizon MiFi 2200 as my modem. It is linked to my LAN using a Linksys WRT54G with Tomato 1.28 as a wireless client - "brouter". The brouter makes a wireless connection to the MiFi and then is connected to the LAN via Ethernet cable with a LAN IP of 192.168.1.2. This set up works fine for normal browsing.

I have a Windows Home Server with fixed IP of 192.168.1.200. The WHS can access the Internet okay. I am trying to set up port forwarding for port 80 to the WHS for remote HTTP access - port 80. The MiFi has minimal port forwarding capability. The only choice I have is to check the protocol involved and assign the IP to forward to. The WRT54G has full port forwarding capabilty as offered by Tomato. I have tried setting the MiFi to forward HTTP (port 80) to 192.168.1.200 with the brouter set to forward first no setting then I tried 192.168.1.200. Neither works. I have tried forwarding the MiFi to 192.168.1.2 (the LAN address of the brouter) with both no port forwading and with 192.168.1.200 set in forwarding on the brouter.

I'm not having any success. Can anyone help with this somewhat wierd setup?

"Retired Programmer". So, please be patient.
 
Port 80 might already be reserved for http access. You could try assigningn the remote management to port 8080 and add the port forwarder to that port. Good luck!

Dr. Cool
STAFTLSKHO.
 
That option is apparently not available on the MiFi. The only option available is "HTTP (Web) Server". Should I forward that to the WRT54G LAN IP (192.168.1.2) then forward 8080 to the WHS?

"Retired Programmer". So, please be patient.
 
Silly question - is the firewall open on the WHS for port 80 on incoming connections? Can you connect to 192.168.1.200 with your browser from another internal system?

I've had challenges sometimes with static IPs as forwarding targets when DHCP is enabled. If the DHCP server is enabled, try adding a reservation for 192.168.1.200 with the appropriate MAC address, and set the WHS to DHCP. It will still pull the same address as though it was static, but it will be registered in the DHCP clients table as well, which might make the MiFi happy. (I'm assuming that the MiFi is functioning as the DHCP server)
 
The firewall is configured. I had Hughesnet satellite as my ISP earlier and I was able to configure my router (WRT54G before Tomato firmware) to forward port 80 to the WHS. I was able to access my WHS from a remote site using TZO to translate the IP. Since switching to Verizonwireless and the MiFi, I've lost that capability.

"Retired Programmer". So, please be patient.
 
I dont know much about the Mifi "Modem" as you call it but it sounds to me like it is actually a router and this may be your problem. I making this assumption from what you are saying you are doing...

If it was solely a modem then you would not have ANY options for port forwarding at all but you say yo do. Forget a minute about these devices and remember the old dialup modems that connected directly into your PC. Could you configure these with port forwarding and did you have a LAN address? No you wouldn't, you were directly on the internet with a public IP and no option to port forward. Port forwarding is something only applicable to routers so this suggests you have exactly that.

Now you can get modem/routers all in one which I suspect you have. This means there is another network somewhere though which I don't think you are aware of and this is the problem.

Here is problably your set up:
the modem gets internet access (public IP) via your carrier (verizon). This also has an internal network accessed wirelessly. This is the hidden network you don't know about. It will have a completely different subnet for example 192.168.0.x. It is set to assign IP addresses automatically to give internet access to wireless clients.
Your Linksys connects to your modem via wireless and gets an IP address automatically from the modem for example 192.168.0.87. This (according to your Linksys) is it's WAN/public IP address.
The Linksys other network card is on your LAN (which is another network again) with an IP of 192.168.1.2. This is the network your server is on.

Hopefully you can picture all of this in your head see what you are missing. Everything has to be "daisy chained" correctly.
You need to find out what the IP address is on the WAN side of the Linksys and port forward port 80 from your Verizon to this IP. So in my example port forward 80 to 192.168.0.87 from the Verizon device.
Then you need to port forward port 80 from the Linksys to 192.168.1.200

I am 99% confident this is your problem and fix.

I also have a full intro into IP addresses, subnetting and routing on my blog here
Take a look at my IT blog guides, knowledgebase and technical resources at
 
muckermucker - I understand what you have said and totally agree. Yes, the MiFi (Verizon MiFi 2200 Hotspot) is a modem and router. I am aware of the internal IP (192.168.0.1). My Linksys connects to the MiFi router and thru DHCP is assigned the IP 192.168.0.2 (only device connected to MiFi). I have complete control of the Linksys for port forwarding and have tried forwarding port 80 to my server (192.168.1.200). The problem is, the MiFi offers very little in port forwarding options. It only has checkboxes for port forwarding to a WLAN IP. The checkboxes do not define a given port, only a specific protocol (HTTP Server, FTP Server, etc.). So, I cannot be sure of what port it is forwarding. It appears there just aren't enough "handles" to permit me to do what I need to do.



"Retired Programmer". So, please be patient.
 
Ok, well HTTP is port 80 which is the port you want so port forward that from your MIFI to 192.168.0.2 and it should work.

Take a look at my IT blog guides, knowledgebase and technical resources at
 
As mentioned, my ISP is Verizon Wireless. Although, Verizon will not admit it, I am convinced they are blocking port 80. I used to have Hughesnet as my ISP and I was able to set up port forwarding to my Home server. Since changing to first Alltel then Verizon, I have not been able to make it work. With Alltel, I used a PC 5750 data card. A port analysis showed the data card blocked port 80. Verizon took over Alltel and I switched to the Verizon MiFi 2200 Hotspot. Still no joy.

Just to be sure it is not an issue with trying to access from within my own network, could you please try
"Retired Programmer". So, please be patient.
 
Yes that failed but I pinged it and it resolved 75.226.238.59.

Is that your IP for sure?
There is a way to test whether they are blocking port 80 although I doubt it.

Do you know how to get your website (I presume windows IIS) to listen on a different port? If so change it from port 80 to say 8080 then set up port forwarding on both routers for this.

Now connect to your si.........Oh dear!!! just I wrote those last words I noticed something...I think I know the cause of it.

That link you sent redirects for some reason to which not only is it a different IP address but https is not http. http is port 80 and https is 443 so you have two problems here.

I noticed though that if I drop the s from to it works so I think this is your problem.

So the first I need to know is what is your IP address, is it 75.226.238.59 or 108.59.160.162?

Forget about the port forwarding stuff for the moment, it looks like that isn't the issue.

Take a look at my IT blog guides, knowledgebase and technical resources at
 
I'm using TZO.com for the IP translation. The IP is, in fact, 75.226.238.59.

My server is a Windows Home Server and I'm not sure I can change the port assignment. But, even if I could, the port forwarding ability on the MiFi is predefined to specific protocols, no port numbers shown.

As for http vs https, I do not have a handle for https on the MiFi modem/router. As for the Linksys, I am already forwarding port 443 to my server.

"Retired Programmer". So, please be patient.
 
I know about this kinda stuff as I work with websites also. Your site I think is defaulting to https so when anyone tries to access it on http it redirects to https and then with whatever the URL is.

It only worked for me because after the redirection (which failed) I manually editted the URL to remove the s.

Your site of in fact redirects EXACTLY to
Notice the HPhome on the end. I then dropped the s from https and it worked which means your URL is
If you try to access this it should work for you. let me know if it does.

If it does it very easy to solve but I'll see what your response is first.

Take a look at my IT blog guides, knowledgebase and technical resources at
 
In fact I don't need to wait for your response I am 100% sure of it.

All you need to do now is port forward https on BOTH routers to the correct IP's like you have done with http and it will work.

Let me know if it does.

Take a look at my IT blog guides, knowledgebase and technical resources at
 
Interesting. I just had my son try and he was able to connect, too, but got a browser error when he attempted anything. I'll have to review permissions and web setup, but I think maybe you have uncovered the secret.

"Retired Programmer". So, please be patient.
 
Actually, I have port forwarded the Linksys router. Unfortunately, I do not have a handle for it on the MiFi as best I can tell.

Here's the entire list I can work with on the MiFi. All I can do is check a given item and enter an IP to forward to.

Application IP Address on WLAN
DNS (Domain Name Server)
FTP Server
HTTP (Web) Server (this one is checked)
NNTP Server
POP3 Server
SMTP Server
SNMP Server
Telnet Server
TFTP Server


"Retired Programmer". So, please be patient.
 
It is not permissions...Pay attention to what the link says when your son hovers his mouse over the links...Notice they all start with https. This why those links fail. The site links are all appended with https and not http. If you copy any one of those different links and just drop the s from https they will work.

Https uses port 443
Https uses port 80

It fails because you have https port 443 blocked.

You have two solutions here.

1. Open up https - This is by far the easiest and most preffered as it is more secure but as you said your Verison router may not have this option. This would be extremely poor though of them as https is the next most common protocol after http.

2. Go into the HP web server management tool for the website. I have no idea where this is but these types of packages always have somewhere you can manage them, I am sure you know where it is.
Once in it you need to look for the option to disable https or something to do with certificates. It will be there somewhere. If you disable this it will revert back to http and this will also work.

Take a look at my IT blog guides, knowledgebase and technical resources at
 
Found a setting on the TZO setup that would explain the redirect to https. There was a checkbox to "Enable SSL forwarding" - was recommended and defaulted to this. I'd prefer using SSL, but looks like the MiFi won't let me.

I unchecked the checkbox. Would you please try now to see if the redirect has cleared?

"Retired Programmer". So, please be patient.
 
BTW are you sure you don't have anywhere on the MIFI to port forward custom port numbers? It may be called something like services?

On Netgear routers it similiar to how you describe but if the port doesn't exist I go into a section called Services and create this entry myself. IE I might create one for VPN's called PPTP_VPN with port 1723. Then I go back to the port forwarding and it is now listed in the drop down box. Anything like that there?

Take a look at my IT blog guides, knowledgebase and technical resources at
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top