NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
IP rejected by DNS on Netgear N600 WNDR3400v3
I have a website and use CORE FTP to upload files to the DNS. I have used the Netgear router and CORE FTP for years with not problem at all. Yesterday I attempted to connect to the DNS to upload files and got the error message "No connections allowed from your IP Can't establish connection --> aster.arvixe.com:21 @ Tue May 11 15:56:46 2021 (0-2)" I called my host who said the problem wasn't on their end and that the problem was with my ISP. My host did say that my IP address 69.2X.XXX.X was blacklisted and that the ISP would have to remove it from the blacklist.
I called my ISP and the end result was that the problem is with the router. ISP said they do not put IPs on blacklists. Further, when I disconnected my desktop computer from the Netgear router and plugged directly into the ISP modem, Core FTP worked just fine and there was not error message. That would mean that whatever is going on is with the router and not the internet connection or my ISP.
If I look at the network connections on my desktop, none of the IPv4s are the 69.2X...... IP address. I don't have a clue were that IP is getting into the picture but it is in the router without doubt.
I have rebooted the router. From instructions I have found, the router has been reset to factory defaults.
Any suggestions would be greatly appreciated.
3 Replies
> I have a website and use CORE FTP to upload files to the DNS. [...]
"to the DNS"? What has DNS to do with anything?
> [...] got the error message "No connections allowed from your IP Can't
> establish connection --> aster.arvixe.com:21 @ Tue May 11 15:56:46 2021
> (0-2)" [...]You "got the error message" from this "CORE FTP" program, or what?
> [...] I called my host [...]
The organization which hosts your web site?
> [...] who said the problem wasn't on their end and that the problem
> was with my ISP. [...]That makes no sense to me. I wouldn't expect your ISP to block your
access to anything, nor to generate any such message. The people who
operate that FTP server are the only ones I'd expect to be able to do
any of that.
> [...] My host did say that my IP address 69.2X.XXX.X was blacklisted
> and that the ISP would have to remove it from the blacklist.What/whose "blacklist"?
> [...] ISP said they do not put IPs on blacklists. [...]
That makes sense. Any such blacklist would be associated with the
relevant FTP server, not with your FTP client program, not with your
router, not with your ISP.My guess is that someone at your "host" might have suggested that
your ISP could give you a new/different public IP address, and thus
evade the (that is, the host's own) blacklist, but a more efficient path
would be for them to remove your blacklisted public IP address from
their blacklist.
> If I look at the network connections on my desktop, none of the IPv4s
> are the 69.2X...... IP address. I don't have a clue were that IP is
> getting into the picture but it is in the router without doubt.Some of your readers can't see what you're seeing.
Your router has two network interfaces, LAN and WAN/Internet. If
your router's WAN/Internet interface is connected to your ISP (typically
through a modem), then the router's gets its address WAN/Internet IP
address from your ISP. That would be your public IP address.Devices on your LAN get their (LAN) IP addresses from the router,
typically "192.168.0.x". The router's NAT feature allows your local
devices to share the one external/public address when communicating with
the outside world.> I have rebooted the router. [...]
Not a router problem. Not an ISP problem.
I'd contact the (lame? misunderstood?) hosting organization, and ask
them to remove your IP address from their blacklist, and/or to explainhow it got onto their blacklist in the first place, and how to prevent a
recurrence.Why does Core Ftp work when the desk top is plugged directly into the ISP modem but is rejected by the DNS when the desk top is plugged directly into the Netgear router?
You say contact the DNS and have them correct the problem. Would you think they have someone sitting in their database monitoring if my connection is directly from the desk top computer or the connection is from the Netgear router so they can deny a connection if it is from the Netgear router?
> Why does Core Ftp work when the desk top is plugged directly into the
> ISP modem [...]I don't know. This is the first I've heard about that behavior. I
know nothing about your (unspecified) "the ISP modem". I've never seen
a complete IP address for any part of your system.> You say contact the DNS [...]
I never said that. I'm still not sure what "the DNS" means to you.
To everyone else:https://en.wikipedia.org/wiki/Domain_Name_System
> [...] Would you think they have someone [...]
No, but I'd expect them to be able to see your external/public IP
address, which is more than _I_ can do unassisted. I can _imagine_ that
your ISP gives your computer and your router different IP addresses when
they're connected to your (unspecified) "the ISP modem", which could
explain that behavior.As already explained, I _would_ expect any blacklist involved here to
be maintained by your site-hosting organization, not by your ISP (who
agreed), and not by your router (which could not generate a message like
that, as I imagine it, anyway).> You "got the error message" from this "CORE FTP" program, or what?
Still a mystery. I've never seen that actual message in context,
either. I'd guess that it comes from the FTP server, and gets passed
along by your FTP client program, but these are guesses based on
incomplete information.
Knowing nothing, I'd guess that a message like "No connections
allowed from your IP [address]" was related to the IP address seen by
the system which is rejecting the connection, so I'd be looking at that
address in the two different situations to see if it might differ.Blame Assignment is Job One. You seem intent on blaming your router
(or your ISP) for things which they can't (so far as I can see) be
responsible. I'm always open to actual evidence, but only one of us has
access to any of the relevant information, and he has been pretty stingy
with it up to now. ("got the error message", "my IP address
69.2X.XXX.X", for example.)_If_ your ISP gives your computer and your router different IP
addresses, then you might be able to induce it to give your _router_ a
different (WAN/Internet, external/public) IP address by changing its MAC
address (on that interface).Visit http://netgear.com/support , put in your model number, and look
for Documentation. Get the User Manual (at least). Read. Look for
[BASIC > Internet >] "Router MAC Address".But, if your site-hosting organization had some reason for
blacklisting your old IP address, then I wouldn't bet on a new one being
more than a temporary work-around.