NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
Solved
Night Hawk R8000 Open ports -I DONT KNOW WHERE TO START or Begin!
I'm going to try not to rant too much. My apologies if i do.
I have XFINITY internet svcs, I have a Netgear Modem CM1000, and a NIGHTHAWK router R8000.
I attend a local college, Univ. of Houston Downtown. And as an assignment i was to ssh into the school's *NIX box. Downloaded Putty, and tried TELNET; and i was allowed in, but couldnt remember my pswd to save my life. So i then decided to close the connection and go to UHD and changed my pswd. All was well. I then tried TELNET again, this time knowing my new pswd and i get "connection refused". So then i tried ssh and got (NETWORK ERROR: "software caused connection abort") So i assumed, my putty was curropted and tried another and continuosly got same error. So now im furious, I'm immediately thinking UHD bannned/blocked me because of pswds errors. After 45 mins with them on the phone, we concluded i wasnt banned and still not banned. i was NEVER banned and it is something on my end preventing me from connecting.
So with this bothering me, i decided to DMZ my laptop which is connected hardwire, and nothing. WEIRD!!! So i went to port forward and added the TELNET port, and still NOTHING!!! Now im convinced, this is XFINITY's fault. Called them and gave them a piece of my mind and my heart, after further review, they said 22 and 23 were NOT blocked.. 25 was but not 22 or 23. Of course they said well, maybe i need to try their modem/router -- I HUNG UP ((upset)). So i unhook the NightHawk r8000 and connect my ethernet from CM1000 to laptop. Tried ssh on putty, and immediatly connected. Tried WinSCP and same, connected, no hiccups. Did the day's homework. Returned everything back and tried to reconnect and same errors... WTF??? So i called Netgear and allowed the guy to troubleshoot me. After 45 mins, we decided it was best to ESCALATE this issue. He assured me that in 1 hr, someone would call me back. i called back 1h.15mins later and asked what happened to the ESCALATION team?? NO ONE CALLED. then this other guy tried to trouble shoot me and i told him dont even try it. Now he asks all my info like i didnt just give him a ticket number that should have all my info. At the end after 15 mins of arguing, he tells me, hey will call, have patience. I REMIND HIM, its 1115pm my time, he say give it a little bit, they will be calling. Waited till12:15 am and no one called. It is 2:35 pm and yet, no call. And im remoting into my home desktop right now and still, CANNOT USE PORTS 22 or 23.
Now here is the confusing part, that i know doesnt make sense either but dont know how to ask anyone since Escalation team didnt call,is there an issue using a CM1000 and a R8000 together? Does it cause a conflict?
> Okay Let me try to be a bit more precise. [...]
That didn't happen.
> [...] I completed the task to ssh into the box. [...]
I have no idea what that means to you. To me, "completed the task"
means success. With my weak psychic powers, I can't see what session
parameters you specified in PuTTY for this connection (other than the
apparent destination domain name).> [...] yes they did provide instructions [...]
That's swell, but no one provided them to _me_, so I can't see them
any better than I can see what you're doing.
From here, Telnet to "gator.uhd.edu" (216.145.162.35) returns
"Connection refused", which suggests that it's not listening on port 23.
Which is entirely reasonable. It does seem to be listening on port 22
(SSH), but I lack any valid credentials there, so all that I can do is
get to the "<user>'s password: " request. But I do get that far.> [...] I also tried to sftp into the box [...]
If you can't get a simple SSH connection, then I wouldn't expect more
from SFTP.> Figures 5 - 11 shows you the current setting on my router. [...]
As I said before, all those settings relate to incoming connections,
not to what you're trying to do (an outgoing connection).> > [...] Returned everything back [...]
> "everything"? Did you undo all those misguided setting changes
> involving DMZ and/or port forwarding/triggering? If you've lost track,
> then a full settings reset might be a reasonable step.> [...] My laptop ends with x.x.x.6. [...]
"15.72.90.6"??? That's a _public_ IP address (belonging to HP[E]).
You should not be using it (or anything like it) on your LAN.https://whois.arin.net/rest/net/NET-15-0-0-0-1/pft?s=15.72.90.6
Again, I'd suggest a settings reset on your router. And, this time,
when you're configuring it after that, leave the LAN subnet at its
default ("192.168.1.*"). And don't play with any settings which deal
with incoming connections.Curiosity compels me to ask how you decided that "15.72.90.*" was a
reasonable choice for your LAN subnet.
5 Replies
> [...] ssh into the school's *NIX box. [...]
Ok. Should be easy enough. Did they provide instructions?
> [...] Downloaded Putty, and tried TELNET; [...]
You lost me. What, exactly, does "tried TELNET" mean to you? Telnet
and SSH are two different services."tried" is not a useful problem description. It does not say what
you did. It does not say what happened when you did it. As usual,
showing actual actions (commands) with their actual results (error
messages, LED indicators, ...) can be more helpful than vague
descriptions or interpretations. Copy+paste is your friend.> [...] i decided to DMZ my laptop [...]
Your (unspecified) "my laptop" runs some version of Windows?
You're trying to make an outgoing connection (as a client) to a
remote SSH server. You should not need to do anything with any DMZ, or
port forwarding, or port triggering, or any such thing, to enable an
outgoing connection. All those features exist to accommodate _incoming_
connections (to your server, on your LAN, which you don't have).> [...] Returned everything back [...]
"everything"? Did you undo all those misguided setting changes
involving DMZ and/or port forwarding/triggering? If you've lost track,
then a full settings reset might be a reasonable step.> [...] is there an issue using a CM1000 and a R8000 together? Does it
> cause a conflict?I have no actual experience with either device, but if your general
Internet access (web browsing, e-mail, et c.) works, then I wouldn't bet
on these devices causing your problem. (At least, not until you started
fiddling with the router.)Okay Let me try to be a bit more precise. I will also atttempt to make some screenshots. I completed the task to ssh into the box. yes they did provide instructions on how to do so. And yes i did follow them. And no, I WAS NOT SUCCESSFUL. I followed the steps for TELNET, then i followed the steps for SSH.( FIGURES 1 & 2). The connection was never successful. I also tried to sftp into the box with a program called WNSCP, and even that connection was unsuccesful.(figures 3 & 4)
Figures 5 - 11 shows you the current setting on my router. My laptop ends with x.x.x.6. I tried to clear logs just to see if maybe it would throw out an error in there when trying to connect. As i said, i undid the DMZ nonsense, but kept the port forward settings.
Figures 10 and 11 shows you nothing in logs while trying to connect.
I am currectly running Windows 10 i5 processor 16gb ram on a HP Elitebook 840 G4
** Pls view attachment**
> Okay Let me try to be a bit more precise. [...]
That didn't happen.
> [...] I completed the task to ssh into the box. [...]
I have no idea what that means to you. To me, "completed the task"
means success. With my weak psychic powers, I can't see what session
parameters you specified in PuTTY for this connection (other than the
apparent destination domain name).> [...] yes they did provide instructions [...]
That's swell, but no one provided them to _me_, so I can't see them
any better than I can see what you're doing.
From here, Telnet to "gator.uhd.edu" (216.145.162.35) returns
"Connection refused", which suggests that it's not listening on port 23.
Which is entirely reasonable. It does seem to be listening on port 22
(SSH), but I lack any valid credentials there, so all that I can do is
get to the "<user>'s password: " request. But I do get that far.> [...] I also tried to sftp into the box [...]
If you can't get a simple SSH connection, then I wouldn't expect more
from SFTP.> Figures 5 - 11 shows you the current setting on my router. [...]
As I said before, all those settings relate to incoming connections,
not to what you're trying to do (an outgoing connection).> > [...] Returned everything back [...]
> "everything"? Did you undo all those misguided setting changes
> involving DMZ and/or port forwarding/triggering? If you've lost track,
> then a full settings reset might be a reasonable step.> [...] My laptop ends with x.x.x.6. [...]
"15.72.90.6"??? That's a _public_ IP address (belonging to HP[E]).
You should not be using it (or anything like it) on your LAN.https://whois.arin.net/rest/net/NET-15-0-0-0-1/pft?s=15.72.90.6
Again, I'd suggest a settings reset on your router. And, this time,
when you're configuring it after that, leave the LAN subnet at its
default ("192.168.1.*"). And don't play with any settings which deal
with incoming connections.Curiosity compels me to ask how you decided that "15.72.90.*" was a
reasonable choice for your LAN subnet.