NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

buchtik's avatar
buchtik
Tutor
Jun 12, 2016
Solved

Port Forwarding - communication outside of the rules

Can someone explain to me - the external communication (no asked) outside the rules of redirection to LAN network - the firewall does not work ?

 

 

Port forwarding rules:

1 DMS B                5001 5001 5001 5001             192.168.2.110
2 File manager      7001 7001 7001 7001            192.168.2.110
3 FTP pasiv            56663 56663 56663 56663   192.168.2.110
4 FTP                      20 21 20 21                          192.168.2.110
5 Topfield                 8080 8080 80 80                  192.168.2.111
6 Photo station https 6001 6001 6001 6001        192.168.2.110
7 https                     443 443 443 443                 192.168.2.110

 

Log 

 

[LAN access from remote] from 109.76.9.56:43862 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:38:50
[LAN access from remote] from 122.121.47.240:27952 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:36:22
[LAN access from remote] from 83.252.34.241:13375 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:35:47
[LAN access from remote] from 103.255.6.249:34200 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:25:28
[LAN access from remote] from 86.142.15.116:44645 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:24:43
[LAN access from remote] from 193.25.121.37:49027 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:24:39
[LAN access from remote] from 157.55.130.142:40024 to 192.168.2.109:50420, Sunday, Jun 12,2016 18:24:04
[LAN access from remote] from 93.91.50.207:21716 to 192.168.2.109:50420, Sunday, Jun 12,2016 18:23:44
[LAN access from remote] from 62.57.3.125:16034 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:23:10
[LAN access from remote] from 81.153.10.249:31117 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:21:31
[LAN access from remote] from 92.138.23.180:22338 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:16:56
[LAN access from remote] from 178.151.235.231:60753 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:15:56
[LAN access from remote] from 178.151.235.231:62301 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:15:56
[LAN access from remote] from 178.67.6.41:61675 to 192.168.2.110:443, Sunday, Jun 12,2016 18:15:56
[LAN access from remote] from 178.67.6.41:37705 to 192.168.2.110:443, Sunday, Jun 12,2016 18:15:56
[LAN access from remote] from 213.148.250.48:62231 to 192.168.2.110:80, Sunday, Jun 12,2016 18:15:56
[LAN access from remote] from 70.121.36.112:5875 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:15:36
[LAN access from remote] from 157.55.130.142:40024 to 192.168.2.109:50420, Sunday, Jun 12,2016 18:13:27
[LAN access from remote] from 50.77.26.180:24371 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:13:14
[LAN access from remote] from 93.91.50.207:21716 to 192.168.2.109:50420, Sunday, Jun 12,2016 18:13:07
[LAN access from remote] from 106.186.113.132:59493 to 192.168.2.110:443, Sunday, Jun 12,2016 18:12:46
[LAN access from remote] from 188.68.224.62:47184 to 192.168.2.111:80, Sunday, Jun 12,2016 18:07:55
[LAN access from remote] from 95.152.42.254:22447 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:07:36
[LAN access from remote] from 98.30.53.189:51600 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:07:01
[LAN access from remote] from 84.185.9.56:58355 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:04:51
[LAN access from remote] from 216.243.31.2:54820 to 192.168.2.110:443, Sunday, Jun 12,2016 18:04:50
[LAN access from remote] from 2.9.62.189:20509 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:04:06
[LAN access from remote] from 81.19.42.10:32464 to 192.168.2.120:21716, Sunday, Jun 12,2016 18:01:00
[LAN access from remote] from 109.202.57.255:37185 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:58:22
[LAN access from remote] from 86.186.55.52:24616 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:57:01
[LAN access from remote] from 80.12.59.178:8776 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:54:26
[LAN access from remote] from 118.165.136.68:12200 to 192.168.2.111:80, Sunday, Jun 12,2016 17:54:11
[LAN access from remote] from 75.172.16.127:59995 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:50:56
[LAN access from remote] from 81.19.42.10:32437 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:50:51
[LAN access from remote] from 122.106.24.52:6170 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:50:04
[LAN access from remote] from 2.223.3.56:57069 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:44:55
[LAN access from remote] from 5.170.5.252:38983 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:42:50
[LAN access from remote] from 207.244.70.169:45061 to 192.168.2.111:80, Sunday, Jun 12,2016 17:40:46
[LAN access from remote] from 81.19.42.10:32393 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:39:55
[LAN access from remote] from 86.159.49.255:48847 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:39:51
[LAN access from remote] from 68.10.26.177:58455 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:39:06
[LAN access from remote] from 141.212.122.86:39748 to 192.168.2.110:80, Sunday, Jun 12,2016 17:38:50
[LAN access from remote] from 141.212.122.85:51736 to 192.168.2.110:80, Sunday, Jun 12,2016 17:38:50
[LAN access from remote] from 80.222.36.54:59037 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:38:15
[LAN access from remote] from 108.232.39.182:39545 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:33:47
[LAN access from remote] from 81.19.42.10:32335 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:29:44
[LAN access from remote] from 37.186.43.53:13197 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:28:21
[LAN access from remote] from 164.132.161.59:51799 to 192.168.2.110:443, Sunday, Jun 12,2016 17:27:41
[LAN access from remote] from 185.35.62.85:60864 to 192.168.2.110:123, Sunday, Jun 12,2016 17:27:02
[LAN access from remote] from 85.76.17.248:7552 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:25:21
[LAN access from remote] from 5.31.57.245:44693 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:24:37
[LAN access from remote] from 157.55.130.142:40024 to 192.168.2.109:50420, Sunday, Jun 12,2016 17:20:54
[LAN access from remote] from 93.91.50.207:21716 to 192.168.2.109:50420, Sunday, Jun 12,2016 17:20:34
[LAN access from remote] from 39.58.15.127:43476 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:20:03
[LAN access from remote] from 81.19.42.10:32324 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:18:39
[LAN access from remote] from 92.74.47.56:16448 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:17:47
[LAN access from remote] from 188.68.224.62:44008 to 192.168.2.111:80, Sunday, Jun 12,2016 17:15:24
[LAN access from remote] from 109.153.34.244:6447 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:14:28
[LAN access from remote] from 39.57.48.117:59954 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:13:37
[LAN access from remote] from 81.19.42.10:32155 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:08:31
[LAN access from remote] from 87.125.38.60:31659 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:07:21
[LAN access from remote] from 86.44.0.185:31633 to 192.168.2.120:21716, Sunday, Jun 12,2016 17:02:33

 

firewall
forwarding
Security
  • TheEther's avatar
    TheEther
    Jun 12, 2016

    Hang on, you have two port forwarding rules allowing ports 80 and 443 through.

     

    5 Topfield                 8080 8080 80 80                  192.168.2.111
    7 https                     443 443 443 443                 192.168.2.110

     

    And that's exactly what your latest logs show.

10 Replies

    • buchtik's avatar
      buchtik
      Tutor
      Jun 12, 2016

      All line in Readyshare denied, router restart:

       

      [LAN access from remote] from 52.163.94.221:35396 to 192.168.2.111:80, Sunday, Jun 12,2016 22:01:01
      [LAN access from remote] from 52.163.94.221:38803 to 192.168.2.111:80, Sunday, Jun 12,2016 22:00:53
      [LAN access from remote] from 52.163.94.221:56084 to 192.168.2.111:80, Sunday, Jun 12,2016 21:59:58
      [LAN access from remote] from 83.248.8.14:22625 to 192.168.2.110:443, Sunday, Jun 12,2016 21:42:37
      [LAN access from remote] from 83.248.8.14:61861 to 192.168.2.110:443, Sunday, Jun 12,2016 21:42:37

       

      ========

      Warning!
      I solved the problem before 2 years  - with headquarters support Netgear for 6 months, but no solution to the problem. (Including sending the config file ... et cetera.)
       
      I this time come new firmware - no solution.
      • TheEther's avatar
        TheEther
        Guru
        Jun 12, 2016

        Hang on, you have two port forwarding rules allowing ports 80 and 443 through.

         

        5 Topfield                 8080 8080 80 80                  192.168.2.111
        7 https                     443 443 443 443                 192.168.2.110

         

        And that's exactly what your latest logs show.

  • TheEther's avatar
    TheEther
    Guru
    Jun 12, 2016

    Do you have UPnP enabled?  If so, check the UPnP table to see what additional ports have been opened.

    • buchtik's avatar
      buchtik
      Tutor
      Jun 12, 2016

      where exactly do I find these settings?   Search UPnP settings in help is not successful ...