Port Forwarding M1EXP

braddg

New Member
Hello everyone,

I am in the middle of my first Elk M1G install and I am having issues with the M1EXP and port forwarding the internal web server. My router is setup to port 2601, 21, 26 and 80 to the IP of the M1EXP. I also have DDNS setup with a URL pointing to my WAN IP address. If I use a computer on my network and type in the URL, the M1EXP web page shows fine. As soon as I use a computer outside of my network, I get nothing. I have even tried to setup the M1EXP LAN IP in the DMZ to allow all ports to be forwarded with no luck.

What confuses me is why a computer in the network that is loading from the URL works fine? The URL points to my WAN IP address, not my LAN internal IP address. :)

Any suggestions would be greatly appreciated!!!

Thanks,
Brad
 
Welcome to CocoonTech.com, Brad.

What is the make/model of router are you using?

I assume that you are entering your DDNS address when you are outside of your network. To test to make sure it is resolving correctly, run cmd and type nslookup <your DDNS address>. Check and see if your DDNS resolves to your WAN IP address. If it doesn't, then something isn't right with your DDNS setting. Run an online DNS lookup too just to verify. You can use http://centralops.net/co/NsLookup.aspx or http://network-tools.com.

Some ISPs block certain service ports such as 80 and 21. Goto www.grc.com and run a ShieldsUp! scan using All Service Ports option. Check and see if it is able to connect to the ports that you have forwarded. You will have to use User Specified Custom Port Probe to check port 2601.

If you want, you can PM me with your DDNS address. I can resolve it and *with your permission* I can run an nmap scan to see what ports appear open.
 
What confuses me is why a computer in the network that is loading from the URL works fine? The URL points to my WAN IP address, not my LAN internal IP address. :)
I bet your router knows that you are trying to get back inside and does a short-circuit. Sorry I cannot be more help.
 
Thankyou guys for your help!

As suggested, I used ShieldsUP! to prove that port 80 and 21 are being blocked by my ISP. So I setup my router to take a different port and forward it as port 80 inside my network. So I just type URL:port and my router automatically forwards it as port 80 to the M1EXP.

I'm only worried now about port 21. Can I still get firmware updates for the M1EXP through ElkRP? Or do I need an unblocked port 21 to received firmware updates?

Thankyou!!
Brad
 
Majority, if not all, outbound traffic is not blocked by your ISP. So no need to port forward 21 since you are not serving FTP just connecting to Elk for firmware updates.

I will have to read through the M1XEP manual but you should only open up what you are wanting to connect to from the outside, i.e. port 80, or in your case whatever other port you opened. No need to forward what is going out, i.e. port 21. I would stay away from port 8080 if that is the port you assigned. It is very common. Use something random from 1025 to 65513.

Glad you got it up and running.
 
Back
Top