Reply

Port Forwarding "Randomly" Turns Off

prstoessel
Novice

Port Forwarding "Randomly" Turns Off

Hello. Our small business just put the R7000 into service about a week ago. I set up the Port Forwarding for Remote Desktop to various workstations as well as our applications server.

The way I have always done this is to assign unique external ports and tied them to the internal port service (3389) routed to the respective workstation by static IP address.

I have a screen shot here to illustrate the setup.

As soon as I set it up, all worked fine. Then, a few days later no one could use Remote Desktop at all. The typical Windows message "Could not connect because the server could not be found" came up. All I did was reboot and the services worked again.

The same thing happened this morning. Users were able to log in last night, but this morning they could not. After a reboot it all works now.

Obviously, we cannot run our business like this. I have checked various areas to make sure a schedule of some kind wasn't blocking access, but I might not be looking in all the right places. Any help or suggestions would be appreciated.

I will add as a footnote that this mirrors the same setup used at other facilities as well as the routers we had in place prior to this one. So I am not doing anything new.

Thank you.
Message 1 of 11
jmizoguchi
Virtuoso

Re: Port Forwarding "Randomly" Turns Off

For one. RDP has exploitation so I would suggest go with better router for do SSL-VPN, IPsec VPN (Prosafe/Prosecure ) secure way to access network or been R7000 use openVPN that come with unit and use and have each user hit their workstation that way.


Also I would use ports higher than 1024 to start with (outside the common ports)
VPN Case Study

VPNCASESTUDY.COM

"Our Second To None VPN Related Setup Case Study[/COLOR][/URL]

"One Stop Solution To Your Netgear VPN Connectivity"

*Visit the site for Non-VPN related Doc & Links* [Windows & Mac user/support]





June Mizoguchi-
Message 2 of 11
prstoessel
Novice

Re: Port Forwarding "Randomly" Turns Off

Thanks for the reply. I can modify the port numbers as you suggest, but that does not explain why the PF would just stop and start working again after a simple reboot. I checked the logs for any clues, thinking that perhaps a DoS attack might cause the router to go into a safety mode. Nothing in the logs indicate that services were paused or blocked.

VPNs are painfully slow and not practical for our use. In addition to employee-users, we have numerous clients who utilize our terminal server for custom applications we develop. While I understand there is better technology for these purposes, we are not in the position to upgrade all our clients at the moment and need a more immediate fix.

The R7000 costs considerably more than the other routers we had in place and the other routers did not have this problem, nor have we had any security exploit issues in the many years of operating this way.
Message 3 of 11
RichStevenson
Aspirant

Re: Port Forwarding "Randomly" Turns Off

Another option if you don't want to use the VPN, is setup Microsoft's Remote Desktop Gateway. You'll need a valid SSL cert, but then you only need to open port 443 on the router and configure the RDP clients with the gateway.
Message 4 of 11
prstoessel
Novice

Re: Port Forwarding "Randomly" Turns Off

That is a good idea that I will check out. For the short term, however, I just need this to work. Lesser expensive routers have had no issue with what I am doing here.

Is there some kind of safety the Nighthawk has in locking out FP if it thinks there is an attack?
Message 5 of 11
RichStevenson
Aspirant

Re: Port Forwarding "Randomly" Turns Off

There is port scan and DoS protection that is enabled by default, but I don't know if that would shutdown all incoming ports. I expect not.

It might be worth mentioning this... I had signed up for a cloud backup solution just a couple days ago, and when I was uploading it dragged my download speed way down, assuming because of all the ACK packets. I wonder if you're seeing the same thing since an RDP session into your LAN is using your upload bandwidth? Maybe QoS would help? Just thinking out loud...
Message 6 of 11
jmizoguchi
Virtuoso

Re: Port Forwarding "Randomly" Turns Off

Under WAN setup there should be either "Port Scan & DoS" or "SPI" (only either one)

Label different but does the same feature and some model shows different.
Try disable and see if makes any changes
VPN Case Study

VPNCASESTUDY.COM

"Our Second To None VPN Related Setup Case Study[/COLOR][/URL]

"One Stop Solution To Your Netgear VPN Connectivity"

*Visit the site for Non-VPN related Doc & Links* [Windows & Mac user/support]





June Mizoguchi-
Message 7 of 11
prstoessel
Novice

Re: Port Forwarding "Randomly" Turns Off

Under WAN there was a single checkbox that said "Disable Port Scan and DoS Protection. It was not checked, so I checked it. The logs earlier today showed several DoS Attacks and that is what I was looking into when I started this post.

Thank you. I am optimistic that this will fix the problem. The other advise is also appreciated and I will look into it for the long-term.
Message 8 of 11
jmizoguchi
Virtuoso

Re: Port Forwarding "Randomly" Turns Off

RDP in VPN tunnel should be not an issues for you.

Aslo setting with better router would be more control on your network while keeping more secure.

I would investigate for your next project ....

Glad to assist ..
VPN Case Study

VPNCASESTUDY.COM

"Our Second To None VPN Related Setup Case Study[/COLOR][/URL]

"One Stop Solution To Your Netgear VPN Connectivity"

*Visit the site for Non-VPN related Doc & Links* [Windows & Mac user/support]





June Mizoguchi-
Message 9 of 11
prstoessel
Novice

Re: Port Forwarding "Randomly" Turns Off

The Port Scan & DoS checkbox was the answer. No problems since I made the change. Thanks for the help. Mark this one as solved.
Message 10 of 11
jmizoguchi
Virtuoso

Re: Port Forwarding "Randomly" Turns Off

Thanks for the updates
VPN Case Study

VPNCASESTUDY.COM

"Our Second To None VPN Related Setup Case Study[/COLOR][/URL]

"One Stop Solution To Your Netgear VPN Connectivity"

*Visit the site for Non-VPN related Doc & Links* [Windows & Mac user/support]





June Mizoguchi-
Message 11 of 11
Top Contributors
Discussion stats
  • 10 replies
  • 11803 views
  • 0 kudos
  • 3 in conversation
Announcements