× Attn: Nighthawk Pro Gaming members, we have recently released firmware to address a critical security vulnerability. For more information click here. .
× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Orbi WiFi 7 RBE973
Reply

RAX50 - Refused to Connect to device

Wade0004
Aspirant

RAX50 - Refused to Connect to device

My router began throwing up this error ( ERR_CONNECTION_REFUSED ) when I'm trying to access a device from outside my network.  Inside the network I can access it fine.  And I used to be able to access it fine also, all the time.   Now I can access it about 75% of the time, but every now and then i get the error and I have to reboot the router, which makes it work.  

I suspect it was the firmware update,  but I really can't say that for sure, except that is the only thing that has changed other than father time clicking along.  But I've had the router less than a year, so i sure hope that isn't the issue.

 

Hardware: RAX50

Firmware: v1.0.2.82

 

Anyone have any sage advice or want to commiserate with me?

Message 1 of 9
Wade0004
Aspirant

Re: RAX50 - Refused to Connect to device

Sorry I didn't include this in the orignal.  The device is hard wired and has a static IP set up also.

Message 2 of 9
plemans
Guru

Re: RAX50 - Refused to Connect to device

What modem/gateway is the router connected to? 

What device is this you're trying to access and what program/process are you using to try to access it? 

Message 3 of 9
antinode
Guru

Re: RAX50 - Refused to Connect to device

> My router began throwing up this error ( ERR_CONNECTION_REFUSED ) when
> I'm trying to access a device from outside my network. [...]

 

   What is this "a device"?  "access" how?  Web browser?  Some
device-specigfic app?  Other?  Presumably, your _router_ is not
"throwing up this error"; the program you're using "to access a device"
is doing that.

 

   Normally, "connection refused" means that the program made contact
with the destination system (in this case, your router), but no one was
listening at the specified port.  For a local connection, using the
server's LAN IP address, that would suggest that the server program is
not running/listening at that port.  For a remote connection, using the
router's WAN/Internet IP address, bad port forwarding by the router is
another possible cause.

> [...] from outside my network. [...]

 

   Did you configure port forwarding on the router, or are you relying
on UPnP, or a DMZ server specification, or what?


> I suspect it was the firmware update, but I really can't say that for
> sure, [...]

 

   Loading the older firmware would be one way to test that hypothesis.

 

   Visit http://netgear.com/support , put in your model number, and look
for Downloads.  (For older versions, under Firmware and Software
Downloads, look for "View Previous Versions".)  Find the kit(s).
Download the kit(s) you want.  Read the "Release Notes" file for
instructions.  (In the User Manual, look for "firmware", and,
especially, for a topic like "Manually Upload Firmware to the Router".)
When that fails because of a deficient User Manual, try:

 

      https://kb.netgear.com/23960

 


> The device is hard wired and has a static IP set up also.


   Terminology: A "static" address is configured on the device itself.
What you configure on a (DHCP server on a) router is a reserved dynamic
address, not a static address.  Either one should fix the address of a
device, but some implications are different.

Message 4 of 9
Wade0004
Aspirant

Re: RAX50 - Refused to Connect to device

I am using a Netgear CM1000v2 cable modem

 

The device is a RaspberryPi running a gaming server for FoundryVTT

Message 5 of 9
Wade0004
Aspirant

Re: RAX50 - Refused to Connect to device

Just to reiterrate, it was working perfectly for 6-7 months.

 

>  What is this "a device"?  "access" how?  Web browser?

 

I'm using a web browser to connect.  The web browser threw up the error. Agreed.  I believe, but don't know that it did so because it could connect to my router but not connect to the Raspberry Pi.

 

> For a local connection, using the
>server's LAN IP address, that would suggest that the server program is
>not running/listening at that port. 

 

When I connect on the LAN I have to type in 192.168.1.38:30000 because I believe that the Pi is listening at that port.  If I type any other port (or no port) then it won't work even on LAN (nginx reverse proxy throws up a 404).

 

>Did you configure port forwarding on the router...

 

I configured Port Forwarding on the router.  But I could have done it wrong.  Screen shot attached.

 

 

>Loading the older firmware would be one way to test that hypothesis.

 

I will test rolling back to previous version after I read patch notes, TYVM for the link/idea!   🙂 

 

>Terminology: A "static" address is configured on the device itself.
>What you configure on a (DHCP server on a) router is a reserved dynamic
>address, not a static address. 

 

I honestly can't recall if i only reserved the address in the router (i know i did that) or if i gave it a static address in the Pi.  And didn't know there was a difference TBH. thanks.

 

Message 6 of 9
antinode
Guru

Re: RAX50 - Refused to Connect to device

> [...] I believe, but don't know that it did so because it could
> connect to my router but not connect to the Raspberry Pi.

 

   That'd be my interpretation.  I'd expect the same result if you
specified some known-unused port number.

 

> I configured Port Forwarding on the router. But I could have done it
> wrong. Screen shot attached.

 

   Looks plausible to me.  (Lame/uninformative "Service Name" entries,
but they're only comments.)

 

> I honestly can't recall if i only reserved the address in the router
> (i know i did that) or if i gave it a static address in the Pi. [...]

 

   If you did an Address Reservation on the router, then you should be
ok.  The danger is specifying a static address on a device, but leaving
that address available in the pool of the DHCP server, so that the DHCP
server can grant it to some other device.  If you really want to use
(really) static addresses, then my advice is to shrink the pool, and use
only ex-pool addresses as static addresses.


   An address reservation also avoids the problem, but then you have the
same info in two places, so if you change one, you must remember to
change the other.  Which is just asking for trouble someday.

 

   Around here, I have a very small pool, used mostly by a Roku box and
the occasional experimental gizmo.  All my antique (non-DHCP) computers
have (ex-pool) static addresses.  Most newer ones use DHCP with
(ex-pool) reserved addresses.

 

   No bug in Netgear router firmware would amaze me, but I can't recall
any reports of actual port-forwarding bugs like this, so I'd stay alert
for other possible causes.  If you can catch it in the act, where remote
access fails but (simultaneously) local access works, then that'd be
more persuasive.  (Note that specifying the router's WAN/Internet
address from a system on your LAN should be equivalent to actual
remote access, so far as the router's concerned.)

 

   For the usual problems with port forwarding, see:

 

      https://community.netgear.com/t5/x/x/m-p/1859106


   You seem to have most/all of that stuff covered, but it might be
useful as a checklist.

 

 

> I am using a Netgear CM1000v2 cable modem

 

   Not a NAT router, so harmless.

Message 7 of 9
Wade0004
Aspirant

Re: RAX50 - Refused to Connect to device


@antinode wrote:

...No bug in Netgear router firmware would amaze me, but I can't recall

any reports of actual port-forwarding bugs like this, so I'd stay alert
for other possible causes.  If you can catch it in the act, where remote
access fails but (simultaneously) local access works, then that'd be
more persuasive.  (Note that specifying the router's WAN/Internet
address from a system on your LAN should be equivalent to actual
remote access, so far as the router's concerned.)

...


So I can 100% confirm that this has happened.  The way the API works is that it is running and I am accessing it the same time as my other players.  I used to goto `mydomainname.net` (censored for protection) and play along with them, but someone from the Foundry forums told me to just go striaght to the LAN IP address so i wouldn't be confusing my router by going out to my DNS to fetch my address and come back in....  

 

Anyways, now I will play from the LAN ip:port while others play by coming in from the outside on `mydomainname.net` and it will work for me, but not for them (sometimes, but not always) and then after about 1/2 an hour of me just telling them all the cool stuff they are missing or screen sharing my screen, one of them will inevitably yell, "it's back up" and everyone logs in just fine for the rest of the evening.

Message 8 of 9
antinode
Guru

Re: RAX50 - Refused to Connect to device

> [...] someone from the Foundry forums told me to just go striaght to
> the LAN IP address so i wouldn't be confusing my router by going out to
> my DNS to fetch my address and come back in....

 

   Nah.  It's a feature: "NAT loopback".  And, in any case, if it ever
works, it should always work.

 

   If you claim that it worked before the firmware update, then I'd
definitely run the experiment with (the same) older firmware.

Message 9 of 9
Top Contributors
Discussion stats
  • 8 replies
  • 2078 views
  • 0 kudos
  • 3 in conversation
Announcements

Orbi 770 Series