Kitz Forum
Broadband Related => Broadband Hardware => Topic started by: canon on May 30, 2007, 12:01:10 PM
-
Advise please.
I've been trying to set up remote management on a DG834v3. Originally it worked ok but then after upgrading the firmware from 4_01_06 to 4_01_20 I can't get it to work (connection attempt times out).
The new firmware had in its release notes:
Added an option to access the Router Management Interface at the
Router LAN address at a user selectable port in the NAT disabled case.
This feature is available on the LAN IP Setup page under Advanced.
So I wonder if that's anything to do with it although I don't want to disable NAT. The remote management page looks just the same as before.
I set up remote management for port 8080 (Netgear default), I disable the proxy at my end (although I could make the address an exception in FF settings).
The other query is should I disable the Metronet server based firewall too (related to the router I'm trying to access) - I thought it worked ok before without doing this.
Is there a better port to use?
Edit: the Metronet firewall settings are described here: http://www.metronet.co.uk/support/security/firewall.shtml I've been using the option 1.
Thanks,
Terry.
-
The Metronet firewall option 1 that you've chosen says "Block incoming connections". That means that all connections from the Internet to your router will be blocked. Which is why you can't remotely manage it.
If you're using NAT with a router there's no real need to have the Metronet firewall switched on. It's more useful for modem users connecting unpatched Windows systems directly to the Internet. Since NAT acts as a firewall anyway since unsolicited incoming packets don't get through to the computers on your network, it probably breaks more than it helps.
Don't get me wrong, the Metronet firewall is a great tool, but in your particular case, it's probably pretty useless and is almost certianly the cause of your inability to remotely manage your router.
-
Thanks for the response.
Switched off the MN firewall etc. at both ends and still can't remotely connect.
I realised that using the MN server firewall was belt and braces but it's off at both ends now.
I'll have to check the settings again at the remote router just to be sure but I still wonder about the firmware upgrade.
Edit: One weird thing, I did a DNS lookup on the IP address of this 'remote' router and I get the wrong name - it's someone else's account user name. I've double checked the IP address supplied by Metronet - are they re-using IP addresses and not updating a server somewhere?
Terry.
-
Well, it's working now but I'm not sure why.
I went to a connected pc and 'applied' the settings again (no change). The only thing different is that I left the mains power socket for the PC on. Maybe that keeps something live via the Ethernet connection. I'll have to confirm if this was the problem (other than having MN's firewall on).
Edit: out of curiosity I've switched the Metronet firewall back on - and I can still get remote access. For the setting used, Block Incoming Connections it says: Blocks all incoming TCP connections (SYN packets) to all ports and all UDP traffic to privileged ports (ports numbered lower than 1024). This will prevent others from initiating connections to your computer on any ports.
So 8080 is not blocked it seems with this setting?
Terry.
-
Maybe the configuration settings take a while to go through the MN system and take effect? This is just a guess
Could explain why its now working when it previously didnt - and then a few mins later still working even after turning it off?