Westell A90 9100EM15 port forwarding
Mackeyser
Enthusiast - Level 3

Okay... Here is the repost with the SAFE method. If you copied the other post which looks like this (and was deleted at my request), do NOT use the localhost address. Let's just say that it is bad, bad, bad.

This is what I had to do. I'm a former network and multimedia engineer and I'm posting this in as many places as I can think of to help folks out.

So. For the Westell A90 9100EM15 router, the way to port forward seems to be this:

1) log into the router using 192.168.1.1 in any browser. Do NOT use any http or anything else. just type in the number in the address line of any browser.

2) use the admin and password the tech gave you or verizon gave you (or whatever you changed it to)

3) Select Firewall Settings. The old ActionTec UI (if you've seen instructions with pics saying use the old ActionTec instructions) says something like Security Setting, but this says Firewall Settings. The graphic is the same.

4) Select Port Forwarding on the left.

5) In the Local host box, type in the IP address of the computer requiring the ports. Yes, at this time, you must set up portforwarding rules for EACH IP address. I know they are DHCP as assigned by the NAT server and this is a really, REALLY dumb thing. Verizon is aware of this and even the technicians can't fathom why it is this way. Moving on. It is NOT a segmented box separated by dots. It is a box into which one could type numbers or letters. It SHOULD allow any computer that's assigned a DHCP address from the NAT server on the router to obey the rule and forward it properly. It worked for me.

6) On the protocol line use the drop down menu to select Any. Then select the same menu to select the game/service you require. If you wish to add more services, select the Add drop down menu on the lower left. If you simply need more ports for the application, select User Defined. If your Application is not among the listed initially, select User Defined.

7) Type the Name of your Application.

😎 Select New Server Ports under Protocols on the lower left. You'll have to set up each protocol individually. (I know....)

9) Select the Protocol. Each Protocol must be set up individually. No, one cannot select a "both" setting for TCP and UDP.

10) Source Ports -> Any

11) Destination Ports -> you can select single port or a range of ports, which is nice. Select Single if you wish to open one port or Range if you wish to open a Range of ports. Enter the destination port in the box with appears to the right. This will be the port the application wants opened.

12) Select OK.

13) If you want to add more ports, select the Pencil icon on the right next to the ports you just added.

14) Repeat for each protocol and port combination you wish to add.

15) Once done with that Application, the Forward to Port drop down menu should read Same as Incoming Port. That is correct. If it reads anything else, change it to read Same as Incoming Port.

16) Schedule is usually set for Always, but that's a personal preference. If you wish to set a schedule, Select User Defined.If not, leave it at Always and continue

16a) Name the Scheduling Rule. Under Rule Activity Settings, Select the radio button for Rule will be active.... or Rule will be inactive at the scheduled time.

16b) Under Time segments, Select New Time Segment Entry.

16c) Chose the day of the week buttons you wish to enable or disable depending on whether you chose to have the schedule make the port forwarding active or inactive during scheduled times.

16d) Under Start Time, Select New Hours Range Entry. Enter a Start Time and End Time. Seeing as there is no AM/PM indicator, I would use military time, meaning that midnight = 00:00 and noon = 12:00.

16e) Repeat each Scheduling rule as needed. Yeah, it's a hassle, hopefully, you can just select Always, but if not, at least the instructions are here for you.

17) Click OK. If you wish to add new Applications, click New Entry and return to step 6 and repeat.

I play World of Warcraft. I tested this with both the application and the Blizzard Downloader (which is rather finicky) using the Cataclysm movie and had no problems. I tested using my Mac Pro running 10.6.2 as well as my 7 year old Powerbook running 10.4.11 (the OS shouldn't be an issue and it wasn't, thankfully)

That's pretty much it regarding port forwarding on the Westell A90-9100EM15-10 wireless router. 

Yes, it's crude, yes, it means that anytime a person's IP changes, you have to edit the IP of the rule on the router. Yes it means if someone with a laptop comes over to use an app which requires this, rather than having a local network portforwarding rule (like virtually every other router has that uses NAT), you'll have to manually add and monitor each IP address in case it changes.

And YES, if you reset the router during a routine Tech Support call, you have to do it all...over...again...

Hope you all found this helpful.

Re: Westell A90 9100EM15 port forwarding
viafax999
Community Leader
Community Leader

You said

Yes, it's crude, yes, it means that anytime a person's IP changes, you have to edit the IP of the rule on the router. Yes it means if someone with a laptop comes over to use an app which requires this, rather than having a local network portforwarding rule (like virtually every other router has that uses NAT), you'll have to manually add and monitor each IP address in case it changes

As to the second part of the statement.regarding ad hoc visitors.  You could always obtain a second router (of the kind that has  a local network portforwarding rule - not sure I've sever seen that)  and run all the game playing devices on the second router subnet.  Forward the desired ports thru the first router to the second router static address and do whatever it is that you do on that kind of router to open it up.

5) In the Local host box, type in the IP address of the computer requiring the ports. Yes, at this time, you must set up portforwarding rules for EACH IP address. I know they are DHCP as assigned by the NAT server and this is a really, REALLY dumb thing. Verizon is aware of this and even the technicians can't fathom why it is this way.

That's the way it works on all routers I've ever seen.  That's also the reson why anybody in their right mind assigns static addresses to the devices they are going to port forward to.

And YES, if you reset the router during a routine Tech Support call, you have to do it all...over...again

AGREED it would be nice if all routers were like my DIR-655 that allows you to save the router config so that it could be re-applied after a hard reset.

0 Likes
Re: Westell A90 9100EM15 port forwarding
Mackeyser
Enthusiast - Level 3

Obtaining a second router is clunky and unnessary. There is no reason to insert a second device to simply do NAT and DHCP, which the Westell can do. It makes troubleshooting that much more difficult and removal of that layer will ALWAYS be required in order to get support from Verizon. So, unless a fixed IP were mandatory, and it isn't, then the fewer devices I have to maintain, the better.

As well, I there are benefits to having a dynamic address via NAT.

As for "that's the way it works on all routers I've seen", I will respectfully put to you that the Westell A90 9100's method is the ONLY consumer level router which expects users to SPECIFY the IP of users INSIDE the firewall even with Rule Application. Others *allow* it, but don't require it. That's the difference.

It makes no sense to do resort to secondary devices and fixed IPs when the preferred method of servicing those clients is to provision them with IPs allocated via NAT and DHCP. Sure, one COULD insert a second router and force a "fixed" 192.168.1.x address, but why? That simply masks the poor firmware functionality of this router.

I would put to anyone who cares to take a look... Find the instructions for the Actiontec... or the D-Link or Linksys routers sold over the counter.  I guess the distinction would be that while it is *possible* to manually port forward, which yes, does require individual IPs... ugh, it is possible with the DLink to simply use the Application rules to Port Trigger. That way, for applications I use network wide, I don't have to deal with the router for each machine.

For example, I've used my DLink router for 3 years now. I believe I have the 615. It was easy. I made ONE subnet-wide portforward via Application Rules and it universally applied to all the clients on my network. Easy peasy. So when I took my laptop out and came back and the DHCP renewed to a new IP (not often, but occasionally), I never had to touch the router to keep using my apps.

See, the thing is... if the router firmware were done properly, no one would have to jump through all those hoops of adding superfluous secondary routers and assigning "fixed" IPs from those secondary routers. Application rules would allow users to distinguish between network wide applications and machine specific applications.

I think we can agree the Firmware is based on REALLY old information. The Westell A90 9100 application list includes Heat.net (doesn't exist anymore), Quake II, and battle.net listing Diablo (not Diablo II or WoW... so we're talking 8 years ago? at least?) and Xbox.... No CoD, no Battlefield, no Xbox Live, no PSnet.... so yeah, it's old.

If nothing else, just having global application rules would make it easier for non-technical customers to get their current, modern applications to work without messing with manual port-forwarding or the DMZ, something, frankly, which non-technical people shouldn't be messing with in the first place.

Re: Westell A90 9100EM15 port forwarding
Dmytides
Newbie

I followed the steps laid out above, but the problem is that there are two computers using the same router that play WoW. I know I can't portforward to both IPs. Anyone have a solution for this?

0 Likes
Re: Westell A90 9100EM15 port forwarding
Dmytides
Newbie

And to add to this, after going through the efforts above, this fix did not work for me. I spent the night with huge lag spikes and random disconnects for both comuters that connect to this router. Any thoughts on how to fix this would be appreciated, this has been going on for the full month that I've been a Verizon customer and no solutions have worked yet.

0 Likes
Re: Westell A90 9100EM15 port forwarding
fixmyports123
Newbie

This has troubled me too, in trying to setup my home camera to view from on the road.

I ran something called "shields up" (google it), and it determined that I have no ports available.  They're all in "stealth" mode.  I googled some more and it seems that with my Verizion Fios, I will have no luck - Vz blocks basically everything.  I have found no posts that give me any enouragement.  It looks like I'll be dumping verizon as soon as I can.

Anyone have any advice?

0 Likes
Re: Westell A90 9100EM15 port forwarding
prisaz
Legend

@fixmyports123 wrote:

This has troubled me too, in trying to setup my home camera to view from on the road.

I ran something called "shields up" (google it), and it determined that I have no ports available.  They're all in "stealth" mode.  I googled some more and it seems that with my Verizion Fios, I will have no luck - Vz blocks basically everything.  I have found no posts that give me any enouragement.  It looks like I'll be dumping verizon as soon as I can.

Anyone have any advice?


All ports will show steath mode even if you have them forwarded, if the device does not answer. There is a port called ident 113 and many routers would leave this port open and respond, so I used to forward it to one of my IP addresses that I considered a dump.  Shields up would scan the open port, but there is no device to answer at that IP, so it showed stealth. I can say for sure Verizon does not block everything. I have heard of issues with some of the routers.

0 Likes
Re: Westell A90 9100EM15 port forwarding
viafax999
Community Leader
Community Leader

@fixmyports123 wrote:

This has troubled me too, in trying to setup my home camera to view from on the road.

I ran something called "shields up" (google it), and it determined that I have no ports available.  They're all in "stealth" mode.  I googled some more and it seems that with my Verizion Fios, I will have no luck - Vz blocks basically everything.  I have found no posts that give me any enouragement.  It looks like I'll be dumping verizon as soon as I can.

Anyone have any advice?


As Prisaz says GRC shields up will only report an open port as being a port where something replies, otherwise they will all be reported as stealth..

By deafult all the inbound ports on your router are going to be closed.  All the outbound are open.  This means that if you start an IP conversation from and inside machine then the outside end can talk to the inside end, however no outside machine can start an IP conversation with your inside machines, even if you have applications running and listening on ports, because the routre is blocking all ports.

You need to open the required ports on the router for your listening applications and get the router to forward the data to to the required IP address/range of addresses/machine name.

If your camera is addresses via http (typically a web service) then you need to setup port forwarding in the router for the listening port designated by the web service (typically for http this is port 80 but realistically you should use something else if possible).  Then if you scan using shields up the port will show as open.

How you set up your port forwarding is up to you.  I personally prefer to use fixed ip addresses whereas the initiator of this thread seems more keen on allowing machine names.  As I'm not into games and don't have lots of adhoc visitors the restrictiveness of fixed IP addressing doesn't really worry me.

Had you actually set up port forwarding before you ran shieldsup?  if so it would indicate that there is something wrong with your port forwarding rule or that the application was not running.