Reply

Telnet port

Steve_AES
Aspirant

Telnet port

I seem to be having all sorts of issues trying/attempting to open ports on my D7000 unable to telnet onto it and testing port 23 says its close and any attempts to open it through advanced setting and adding the port forward service and then adding the service in security doesnt seem to affect anything and port stays closed so can some one tell me how to open a port any port as I just seem to be going round in circles was a lot easier in my old 2200 created a firewall rule and added the service job done but this D7000 is a real pain I thought if I telneted on and just froced the port open but can't even do that Help please 

Model: D7000|Nighthawk AC1900 VDSL/ADSL Modem Router
Message 1 of 11
antinode
Guru

Re: Telnet port

> [...] my D7000 [...]

 

   D7000[v1] or D7000v2?  Look at the product label.  Firmware version?

 

> I seem to be having all sorts of issues trying/attempting to open
> ports [...]

 

   Which ports?  Why?  How, exactly?

 

> [...] unable to telnet onto it [...]

 

   Netgear consumer-grade routers do not, by default, allow Telnet
access.  In many cases, it can be enabled (in one way or another).  But
why do you want to do it?

 

> [...] I thought if I telneted on and just froced the port open but
> can't even do that


   No.  In my experience, people who talk about ports being "open" or
"closed" often don't understand the problem.  You can't "force" a port
"open, with or without Telnet (shell) access to the router's OS.

 

   What is the actual problem which you are trying to solve?  As
usual, you might get better advice if you described the actual problem
which you are trying to solve, rather than asking how to implement some
particular "solution" ("telneted on and just froced the port open")
which may have little or nothing to do with your actual problem.

Message 2 of 11
Steve_AES
Aspirant

Re: Telnet port

D7000 v1 firmware 1.0.1.74_1.0.1

My issue is that after moving to a new ISP I seem to have lost the ability to connect to my NAS box using my DDNS account just keep getting site cannot be reached so was trying to see if the correct ports are open (9025 to 9040) but when setting up port forwarding and adding the service into the security tab they remain close when testing. searched and found that you could open the ports by using telnet but cannot connect using that as that port is also firmly shut hence my request as it seems that when setting up any port forwarding nothing appears to work

Message 3 of 11
antinode
Guru

Re: Telnet port

> D7000 v1 firmware 1.0.1.74_1.0.1

 

   Port forwarding generally works on mine.

 

> [...] after moving to a new ISP [...]

 

   That sounds to me like significant detail.

 

> [...] lost the ability to connect to [...]

 

   "connect" _how_, exactly?

 

> [...] my NAS box [...]

 

   Not a very detailed description of anything.

 

> [...] my DDNS account [...]


   Not a very detailed description of anything.  Does the IP address

which you get from that match the IP address of the WAN/Internet
interface of the D7000[v1]?  (ADVANCED > ADVANCED Home : Internet Port :
Internet IP Address)  What is it (or are they)?  ("a.b" out of "a.b.c.d"
would be enough for a public address.)

 

> [...] was trying to see if the correct ports are open (9025 to 9040)
> [...]

 

   What does your (unspecified) "my NAS box" do with those ports?

 

> [...] when setting up port forwarding [...]

 

   What are your actual port-forwarding rules?  Copy+paste is your
friend.

 

> [...] and adding the service into the security tab [...]

 

   Huh?  "security tab"?


> [...] they remain close when testing.

 

   "testing" how, exactly?

 

> [..] searched and found [...]

 

   Thanks for the helpful links.

 

> [...] it seems that when setting up any port forwarding nothing
> appears to work

 

   I currently have 17 port-forwarding rules on my D7000[v1]
(V1.0.1.74_1.0.1).  They work.  No Telnet activity was required to
achieve that result.

 

   The usual problems with this stuff are:


   1. Wrong external IP address (different from the port-forwarding
router's WAN/Internet IP address).  (An intermediate NAT router, for
example, could cause this.  Or an ISP using carrier-grade NAT to
conserve IPv4 addresses.)

 

   2. Bad port-forwarding rule (wrong port(s), wrong target address --
including a wandering target).

 

   How did you ensure that your (unspecified) "my NAS box" always has
the right IP address?  Static configuration?  Reserved dynamic address?

 

   3. Server not listening on the port-forwarding target system.

 

   Can you do whatever you do with ports "9025 to 9040" from a system on
your LAN?  If you can't access the server locally, then there may be
little chance of doing it from the outside world.

 

   4. External influences: ISP blocking, other firewalls, ...

 

   Seldom the problem.

Message 4 of 11
schumaku
Guru

Re: Telnet port

@antinode once upon a time Netgear implemented the NAT and port forwarding in a way that services possible (not even enabled!) on the router can't be port forwarded why ever. Commonly hit were 80/TCP, 23/TCP (regardless), sometimes 443/TCP, even if users configured diferent ports for e.g. Remote Access. Simply junk design...

Message 5 of 11
antinode
Guru

Re: Telnet port

> [...] once upon a time [...]

 

   We're not discussing a possible defect in some unspecified router.

 

> [...] 80/TCP, 23/TCP (regardless), sometimes 443/TCP, [...]

 

   Nor are we discussing those ports.

 

> D7000 v1 firmware 1.0.1.74_1.0.1

 

   I use that model+firmware.  I use its port-forwarding capability
(including ports 80 and 443).  It works as expected.

 

> [...] Simply junk design...

 

   Something might be, but it's simply irrelevant to this problem, hence
a distraction, not a valuable contribution to this discussion.

Message 6 of 11
Steve_AES
Aspirant

Re: Telnet port

I'd just like to thank you for your **bleep** comments they were very helpful in assisting me to try and solve a problem or at least check if it was a problem before I ask the ISP to start investigating why I cannot connect through an internet page to my DDNS myname.synology.me your remarks are extremely helpful in getting me to **bleep** off from this site as the assistance is **bleep**

Message 7 of 11
antinode
Guru

Re: Telnet port

> I'd just like to thank you [...]

 

   You're welcome.  If you'd like to provide more (any) useful
information (answer the questions, for example), then more progress
might still be possible.

Message 8 of 11
Steve_AES
Aspirant

Re: Telnet port

all I want to do is check if a port is open if not I would like to open it I would like someone to explain to me the correct procedure as I might be doing something wrong but your help has been nothing but critisism and asking question which to me seem irrelevant like whats your external IP why is that needed when all I want to is check if a port is open or closed is beyond me. 

Message 9 of 11
schumaku
Guru

Re: Telnet port

Sorry @Steve_AES, fellow @antinode is perfectly correct: It's essential to check of your ISP does not operate your Internet connection in a GCN (Carrier Grade NAT) config [or your Internet connection is a sub-lease from some building or office space or whatever - these use often NAT, too,].

Further on, there are ISP which are blocking many well known ports (http, https, telnet, ssh, and the smb/cifs - sometimes even more) to "protect the customer", by providing a service named carrier side firewall, resp. to make us open the wallet a little bit wider buying business contracts.

 

It does absolutely not matter what DDNS service(s) are implemented - relevant are the IP addresses. Non-routable private IP or CGN address space on the Internet side is never reachable from the wide world.

And sorry for the rant on Netgear. The D7000 was one of these units (along with several more) - probably specific to one or some encpasulation like PPTP, PPPoE, PPPoA, or plain IP - which used to block common services it used internally. UPnP PMP looked perfectly right, manual port forwarding applied right - the connections were never established. This should not impact the 9xxx ports however.

 

There are many more aspects - even if you don't want to trust the old men hare.

Message 10 of 11
antinode
Guru

Re: Telnet port

> all I want to do is check if a port is open if not I would like to
> open it [...]

 

   As I tried to suggest, "a port is open" is not a very useful concept,
and, even if it were, it would still be only a means to an end, not an
actual goal in itself.  Hence I asked multiple questions -- Hint: Look
for "?" -- to try to determine what your actual goal might be.  So far,
to no effect.

 

> [...] I might be doing something wrong [...]

 

   Perhaps, but no one here can see what you might be doing.

 

> [...] asking question which to me seem irrelevant [...]

 

   If you knew which information was relevant and which was not, then
you might not be here asking how to "open a port".  As I wrote, _my_
port forwarding works just fine.  You claim that yours does not.  Which
of us do you think would be a better judge of which information is
relevant or irrelevant in this case?


> [...] like whats your external IP why is that needed [...]

 

   See item 1 in the list of "usual problems", above.

 

> [...] when all I want to is check if a port is open or closed is
> beyond me.

 

   It may be beyond you, but it might not be beyond everyone (if, that
is, anyone else had some basic information about what you're doing and
why).

 

> [...] In my experience, people who talk about ports being "open" or
> "closed" often don't understand the problem.

 

   Still true.  Hence all the questions about your actual goals and
actions.  For one common interpretation of "open port", defining a
port-forwarding rule is all that you would need to do.  You claim to
have done that, but, with my weak psychic powers, I can't see your
port-forwarding rule(s), and I have no idea what you're trying to
accomplish with it/them.

 

   Given that whatever (unspecified) things which you might have done
didn't work as expected, and only one of us knows how you decided that,
I'd need more information before I could offer any specific advice.
Hence, the list of "usual problems", above.  And all the (still
unanswered) questions.

 

   Getting indignant about all the questions is much less helpful than
providing answers to them, and wastes much more of everyone's time.
(And mine is a limited resource.)

Message 11 of 11
Top Contributors
Discussion stats
  • 10 replies
  • 1661 views
  • 2 kudos
  • 3 in conversation
Announcements

Orbi WiFi 6E