Port forwarding------- modem or router or both

42etus

42etus

Active Member
I want to set up the Elk M1 ToGo program to access my Elk when away from home and I know that I need to forward the secure port 2601 to my Elk XEP's address. What I'm foggy about is what device I forward the port on. I have a DSL modem that connects by ethernet to a router that then connects to the XEP by ethernet. Do I forward the 2601 port on the DSL modem to the XEP address, or forward it on  the router? Do I forward 2601 on the modem to the router's address (192.168.0.1) and then forward it on the router to the XEP?
 
The DSL modem is a Actiontec GT701 (with Century Link (was Qwest)) and the router is a Cisco E3200 if that matters
 
 
 
 
Typically the routher and DSL modem are the same device, but they can be split like it looks like you have done.  Did you not like the Wi-Fi in the Actiontec? Actually I have the same modem with Centurylink.
 
In any case, the modem is just a modem in your case. Typically it doesn't even have a web page in the configuration you are using.  The router, the device which assigns the IP addresses does the port forwarding.  Just make sure that there is security in place because not only YOU can get to that port, but every hacker from here to China can get to that port, and if they can break into Yahoo or Amazon, chances are breaking into your ELK won't be that hard for them.  I don't know the security ELK uses, it may be fine, but check. At the least, its also good to change the port number and NOT use 2601 externally.  At least that way, they can't easily determine the device they are connected to. 
 
Ano,
My modem is the GT701 not the GT701WG. The 701 doesn't have wifi or router capabilities, thus my Cisco router. The GT701 does have a configuration web page (192.168.0.1) which has a section to forward ports. That's what prompted my question. I was puzzled that if the modem would allow all traffic to pass to the router, why would it even have the port forwarding capabilities. I'll give your suggestions a try and see what happens.
 
What you are saying doesn't make much sense.  A router does port forwarding, not a modem.  The router is the device that directs the WAN traffic to the proper LAN devices, and that is precisely what a port forward is.  When traffic is initiated from your LAN, the router directs responses back to the same device.  When traffic is initiated from the WAN, the traffic must have a port number associated with it that the router is programmed to recognize and direct to the appropriate LAN device.
 
If you have both a modem and a router, then the modem is going to just be passively passing through the WAN IP address to the router which then distributes things to the correct LAN IP.  Keep in mind that some devices are "all-in-one", serving as a modem, router, and switch. . . ATT calls them "gateways"
 
Keep in mind that a router can also be configured as a switch, in which case it doesn't make any decisions.  If your modem is plugged into the WAN port of the router, then your router must be assigning the addresses and therefore the port forward would be done there.
 
O.K. I understand.  What you are doing is you have your Actiontec Modem/Router connected to another router.  That does work, but it really is not the ideal way to do it. Unlike Cable, DSL modems almost always contain routers as well. Its a bit advanced, but you really should put your Actiontec Modem/Router into Modem-only mode, and set your Cisco router to authenticate your modem. (Connect via PPPoE)  If you set it like that your Modem (Actiontec) will NOT be reachable with a web page, and your router (Cisco) will be where your account information for DSL is stored. I need to write down your account information on the Actiontec, BEFORE you switch it to dumb modem mode. This account information will then be needed to put into your router.
 
Like I say, this is a bit advanced, so if you don't understand what I said, or don't have a real knowledgeable friend, just leave it alone.  If your adventurous, CenturyLink did have a explanation on how to make the Modem/Router into a Modem-only, but they say you are on your own in that respect.
 
In any case, ignore the port forwarding in the first router (Actiontec) and do your port forwarding in the second.
 
I'd go the other direction and use the router function in the GT701 (My manual says it's there.) and configure the E3200 as a switch.  In this case, the port forwarding settings would be in the GT701.
 
jpmargis said:
I'd go the other direction and use the router function in the GT701 (My manual says it's there.) and configure the E3200 as a switch.  In this case, the port forwarding settings would be in the GT701.
Click to expand...
 There is nothing wrong with doing that, but the likely reason that 42etus didn't do that (and definitely why I didn't do it that way) is because the GT701 sucks, and is a marginal router at best.  I use an Apple Airport as my router, and it can run circles around the GT701. The GT701 is an OK modem and not much more. 
 
Well I've tried everything suggested and all I can think of and still can't get through to my Elk.
 
I've left port forwarding off on the modem and forwarded the port in the router................no go
I've forwarded in the modem to 192.168.0.1 ( the router) and then forwarded the router to the Elk....................still no go
I tried to forward in the modem directly to the Elk, but it wouldn't accept that. Said the Elk, 192.168.1.xxx, was in a different subnet, which it is.
 
Still scratching my head on this one. Maybe a call to CenturyLink in in order  (Shrudder)
 
42etus said:
Well I've tried everything suggested and all I can think of and still can't get through to my Elk.
 
I've left port forwarding off on the modem and forwarded the port in the router................no go
I've forwarded in the modem to 192.168.0.1 ( the router) and then forwarded the router to the Elk....................still no go
I tried to forward in the modem directly to the Elk, but it wouldn't accept that. Said the Elk, 192.168.1.xxx, was in a different subnet, which it is.
 
Still scratching my head on this one. Maybe a call to CenturyLink in in order  (Shrudder)
Click to expand...
 
 
The best way to do this is to get your dsl modem to pass your external IP through to the router.
 
You should have the CAT wire going from the modem to the WAN port on the router.
 
Since it is DSL, you should be able to set your login info on your router (ppoe).
 
When you check your status page on your router, you should have an external IP listed there (not 192.168.xxx.xxx or 10.10.10.x).  In other words, if you type "whats my ip" into google, the number they show needs to be the same number your router is giving as your internet ip lease.
 
If not, you need to figure out how set the dsl modem to behave strictly as a modem.
 
If your router is giving you that number, and it still isn't working, then you problem is in your port forward settings on the router itself.
 
They said it above - it sounds like you have double-routing (double-NAT) going on.  It's actually technically possible to still accomplish the XEP pass through, but it's very far from ideal and it would require port forwarding through both devices.
 
Get the DSL modem into Bridge Mode - then it'll be passing the IP Address directly to the Cisco router; DSL often uses PPPoE and if yours does, those settings would now get set in the cisco router, and when you look up the WAN ip address, it'll be a real routeable address (NOT 192.168.x.x; 172.16.x.x; 10.x.x.x).  Like Lou said, the router's WAN IP Address should match what you see at www.myipaddress.com - and is usually shown on a "Status" page in the router.  If the router's WAN (not LAN) IP Address is in any of the ranges I listed, it's definitely double-natting.  This creates extra overhead and can cause problems in some instances... not to mention, it makes any and all port forwarding a nightmare.
 
As far as whether or not to port forward the XEP - that's up to you; I recommend a non-default port and of course only forwarding the SSL port.  Plenty of people do it, including the people who make the Elk - so take that for what it's worth.
 
I finally got it :D . I could never get it to work when I bridged the modem, I'd always loose the internet and ability to connect back to the modem to reverse changes. What I finally did work was to forward the modem to the router (192.168.0.3) And then forward the router to the Elk panel. Don't know why I didn't think of that before. It's probably not the best way to get through, but it did work. Got to leave town tomorrow for a couple weeks, maybe I'll try the modem, bridging again when I get back.
 
FWIW, I called CenturyLink tech support and they told me that the modem (the Actiontec GT701) was capable of doing what I wanted to do, but that they would not offer any support in doing it. I guess that's why there's forums like this one!
 
Thanks for all the help trying to get this solved for me
 
Paul
 
That's a tolerable workaround, just not ideal; the thing is, once you put the modem in bridge mode, there's no reason to access it anymore.  Once it's bridging the connection, you then go into your router and configure any PPPoE settings and basically forget about the modem.  That said, in some cases I've seen it where a PC with a manually set IP address could still hit the modem's web interface should it be needed.
 
This is a good place for help, and also dslreports.com has probably done what you're trying to do plenty of times.
 
Enjoy your trip - when you get back I'm sure we can help you get it straightened out.
 
I have DSL from CenturyLink. I'm can't check what the model number of the modem is so I don't know if it is just a modem or a modem/router. If it IS a modem/router it's running in bridge mode. The WAN port or my router (SonicWall) is configured as a DHCP client, not PPPoE.
 
Frederick C. Wilt said:
I have DSL from CenturyLink. I'm can't check what the model number of the modem is so I don't know if it is just a modem or a modem/router. If it IS a modem/router it's running in bridge mode. The WAN port or my router (SonicWall) is configured as a DHCP client, not PPPoE.
Click to expand...
 
Does your router have the public IP address assigned to it?  
 
You must log in or register to reply here.

Similar threads

B
Port forwarding
Replies
10
Views
900
pete_c
pete_c
F
ELK M1 - Can't connect from Outside of LAN using M1toGo or Elk RP2
2
Replies
20
Views
3K
flbbon4123
F
Z
Omnipro II network connectivity
Replies
4
Views
2K
pete_c
pete_c
J
OmniPro II "sudden" hard failure - SYSTEM RESETS and generally going berserk
2
Replies
22
Views
2K
electron
electron
A
New Router OmniPro Issues
Replies
8
Views
935
pete_c
pete_c
Back
Top