Orbi WiFi 7 RBE973
Reply

Re: FVS338 Not Forwarding Packets

Tridac
Aspirant

FVS338 Not Forwarding Packets


FVS338 Port Forwarding Failure


Hi,

Posted this query on another forum, but it's been suggested that I post it here. A port forwarding problem, started with an FVS318, now an FVS338, neither of which foreward traffic from wan to lan host.

 

Using an  FVS338, older model, but latest firmware from 2013 and reset defaults to start.

 

Setup is as follows:

 

Mode: Nat, not router
DHCP: Disabled
Routing: No entries

 

External Wan ip: 192.9.200.252
Gw: 192.9.200.254
Mask: 255.255.255.0
Dns: 208.67.220.220, 208.67.222.222

 

Internal Lan Ip: 10.10.10.250

Telnet host is at: 10.10.10.150

Telnet client is at: 192.9.200.214


Start by trying something simple, telnet from wan to a lan host, so set up a rule
as follows:

 

Default Outbound Policy: Allow Always
No added rules

 

Inbound Services
Service Name Filter LAN Server IP Address LAN Users WAN Users Destination Bandwidth Profile Log
TELNET Allow Always 10.10.10.150 ANY WAN1 NONE Always


Result log is:

[kernel] LOG_PACKET[DROP] IN=WAN OUT=LAN src=192.9.200.214 DST=10.10.10.150 PROTO=TCP SPT=36372 DPT=23

 

Outgoing pings from lan to wan host and ntp time update works fine, so the

network is ok.

 

I'm just trying to link 2 subnets for added security, no need for speed, so this unit should be fine as proof of concept. Just followed the instructions in the manual but doesn't work and the log files don't say much as to the cause. Did try pointing zenmap at the wan port, which says telnet, 23 is open, but the box is dropping the packets, not forwarding them to the lan side client. I know this is an older unit, but it should still work as per the manual...

Have setup and using pfsense, opnsense and other open source firewalls for years now and do embedded development for work, so this should be a 1/2 hour setup, right ?. Have used Netgear routers for years without a problem, as a simple outgoing nat router, but did port forwarding ever work on Netgear kit, or is there someting obvious i'm missing ?...

Regards,

Chris

 

Message 1 of 8
DaneA
NETGEAR Employee Retired

Re: FVS338 Not Forwarding Packets

Hi @Tridac,

 

Using an  FVS338, older model, but latest firmware from 2013 and reset defaults to start.

The latest firmware for the FVS338 is v3.1.1-08 which was posted last 2016.  I suggest you to upgrade the firmware of your FVS338 to v3.1.1-08 then check if the same problem will occur.  You can also perform a factory reset after upgrading the firmware to the latest version then reconfigure the setting from scratch in order to start clean using the latest firmware version.  You can download firmware v3.1.1-08 here.

 

Just sharing the link below as reference about Forwarding Ports in the FVS338:

 

https://portforward.com/netgear/fvs338/

 

 

Regards,

 

DaneA

NETGEAR Community Team

Message 2 of 8
Tridac
Aspirant

Re: FVS338 Not Forwarding Packets

Hi,

 

Thanks for the reply.I do have the latest firmware installed and did a factory settings reset after doing that and before reconfiguring the box. Just wondering what other dependencies there are in the setup that could be affecting things ?. Are there any undocumented diag commands to give more info on the log messages, internal routing and arp tables etc ?.

 

As i said, zenmap thinks telnet port 23 s open, but the box is dropping the packets, so sounds like an internal nat rule problem. Have no schedules defined either, that might be getting in the way...

 

Regards,

 

Chris

 

Regards,

 

Chris

Message 3 of 8
Nodism1125
NETGEAR Expert

Re: FVS338 Not Forwarding Packets

Is the FVS338 router is behind to another router link as modem/router combo? If yes, this might cause a Double NAT setup. 

 

 

Message 4 of 8
Tridac
Aspirant

Re: FVS338 Not Forwarding Packets

Hi,

 

Thanks. The 338 wan side is on a secure subnet behind a hardware firewall, an experimental setup to show port forwarding works, before installing eleswhere. Overall data flow is:

 

Isp <->  hw firewall @192.9.200.254  <->  (338 wan side port @192.9.200.252  338 lan side port @10.10.10.250) <-> Lan host @10.10.10.150

 

Have remote management enabled initally, so I can login to the 338 from wan or lan side. Have tried the following:

 

  • ping to wan host 192.9.200.254 from 338 diagnostics, works, so wan host ok
  • ping to lan host 10.10.10.150 from 338 diagnostics, works, so lan host ok
  • traceroute to google.com from 338 diagnostics, works, so dns handling ok
  • 338 internal ntp client, sets time, works

So, it looks like the lan and wan networks and basic functions are up and ok.

 

Have just one incoming rule defined, telnet from anywhere on wan -> lan host @10.10.10.15, but drops packets.

 

Including a fewping-wan.pngping-lan.pngrules.pnglan-setup.pngwan-setup.pngstatus.png screen shots as requested in a pm earlier...

 

I

 

Message 5 of 8
Tridac
Aspirant

Re: FVS338 Not Forwarding Packets

Hi,

 

Bump, or is there a solution to this problem ?.  Have tried everything I can, but if  Netgear can't solve it., then I guess nobody can....

 

Regards,

 

Chris

Message 6 of 8
Nodism1125
NETGEAR Expert

Re: FVS338 Not Forwarding Packets

Set up a static route on router2 helps your packet route to router1.

 

 

Message 7 of 8
Tridac
Aspirant

Re: FVS338 Not Forwarding Packets

Hi,

 

Thanks. Have already setup the default route for the wan side, so why should I need an added route for a port forwarding setup, when there i no mention f that in the manual ?. The current setup and data flow is:

 

router1 @ 192.9.200.254 <> FVS338 router 2 @192.9.200.251 < port forward to > 10.10.10.150

 

Check out the upthread screenshots for correct setup, but can't see anyting out of order. Fact is, it doesn't work as per the manual.

 

No more time to spend on this now, so will use opnsense on an old alix box, which should get the job done and already in use elsewhere on the network. Just like these old 318 and 338 routers. Compact and usually fit and forget once setup...

 

Regards & Thanks,

 

Chris

Message 8 of 8
Discussion stats
  • 7 replies
  • 2680 views
  • 0 kudos
  • 3 in conversation
Announcements