Remote Admin and Port Forwarding Issues
Vasu1
Enthusiast - Level 2

I have been a FIOS customer for over a year now and have the Actiontec MI424WR-GEN2 (Rev f) router on the latest firmware.

I am trying to setup remote administration and port forwarding but can't get it to work.

For remote administration, I only want to allow access over the SSL port. So, I go into Firewall settings, Remote Administration and turn on the SSL Secondary port (8443)

When I try to access the router via SSL even from within the LAN (https://192.168.1.1:8443) I get a 403 Error with a message 'Missing Client Certificate' 

How do I fix this ? I don't want to turn on remote admin over a clear-text http channel

Port Forwarding:

I'm trying to setup port forwarding so I can access my NAS drive from the internet and I setup the ports correctly i.e when I click on RESOLVE, it resolves correctly. But when I try to connect to the port it does not work.

Any thoughts anyone ?

Thanks

V

0 Likes
Re: Remote Admin and Port Forwarding Issues
Vasu1
Enthusiast - Level 2

Once I reset the Router to defaults and rebooted it, I was able to get the SSL web administration and remote administration working.

I still cannot get Port forwarding to work. I've pasted my setting below. I have a web server running on 192.168.1.2

and when I access 192.168.1.2:9001 from a browser it connects fine. But I cannot connect from (router lan ip) 192.168.1.1:9001 or from the wan-ip:9001

vjam 192.168.1.2 Destination Ports 9001 TCP 9001 -> 9001 All Broadband Devices Active
0 Likes
Re: Remote Admin and Port Forwarding Issues
Hubrisnxs
Legend

Change the source port to ANY  

don't define the source port.  only define the destination port

Re: Remote Admin and Port Forwarding Issues
Vasu1
Enthusiast - Level 2

@Hubrisnxs wrote:

Change the source port to ANY  

don't define the source port.  only define the destination port


tried that as well. still doesnt work...

0 Likes
Re: Remote Admin and Port Forwarding Issues
viafax999
Community Leader
Community Leader

It will ONLY work when the rule says

TCPAny -> 9100

After you've set it to that check the security log to see if your connection attempt is being blocked at the routre.  If it shows as accepted then your issue is something farther into your home network, probably a firewall issue.

0 Likes
Re: Remote Admin and Port Forwarding Issues
Vasu1
Enthusiast - Level 2

@viafax999 wrote:

It will ONLY work when the rule says

TCPAny -> 9100

After you've set it to that check the security log to see if your connection attempt is being blocked at the routre.  If it shows as accepted then your issue is something farther into your home network, probably a firewall issue.


I tried that setting as well and it does not work ! (as per my previous post)

I finally managed to get it working but do not like the solution.

I had to forward the https secondary port (8443) to port 9001 on my internal server

then when I access https://wan-ip:8443 , the router correctly forwards to https://internal-server:9001

this is not ideal as 8443 is a standard established port for https and I don't want to open that port

i should be ideally able to setup port forwarding so that https://wan-ip:9001 will forward to https://internal-server:9001

But the FIOS router will not allow it.

This is an issue with the FIOS router config/firmware.

I did not reveal much details of my setup earlier. My internal home network is on an Airport Extreme router which connects to the FIOS router for external internet access.

My port forward from the FIOS router goes to the internal Airport router which then forwards to the internal-server which is running an http server.

On the internal router I have incoming port 9001 forwarded to internal-server:9001 which works perfectly.

Why can't the FIOS router allow me to setup incoming on port 9001? Is there any other setting on the router where I need to specify a list of allowed incoming ports?

Re: Remote Admin and Port Forwarding Issues
Hubrisnxs
Legend
Ii never do dual port forwards as I almost always run into various issues plus it's redundant. Just my advice,but I would throw the airport into the dmz of the actiontec, lose the port forward rules in the actiontec,Let the airport do all the port forwarding and call it a day
0 Likes