Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 13 replies
  • Subscribers 2 subscribers
  • Views 2763 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Stumped with webserver on port 1608

CaseyRemelgado
I have a webserver running on port 1608 as well as port 80. The webserver on port 80 was set up and is working quote well. However, I cannot for the life of me get the one to work from the outside on port 1608.

This webserver does happen to be virtual, and im wondering if that has something to do with it.

The IP of the webserver is 192.168.1.141 and it is running on port 1608.

I have attached screenshots of the firewall and nat settings.

The live log has these entries:

17:03:24 Default DROP TCP
192.168.1.16 : 53805

173.54.231.50 : 1608
[SYN] len=52 ttl=127 tos=0x00 srcmac=78:2b:cb:8f[:D]5:85 dstmac=0:13:72:81:97:ba
17:03:24 Default DROP TCP
192.168.1.16 : 53806

173.54.231.50 : 1608
[SYN] len=52 ttl=127 tos=0x00 srcmac=78:2b:cb:8f[:D]5:85 dstmac=0:13:72:81:97:ba
17:03:24 Default DROP TCP
192.168.1.16 : 53807

173.54.231.50 : 1608
[SYN] len=52 ttl=127 tos=0x00 srcmac=78:2b:cb:8f[:D]5:85 dstmac=0:13:72:81:97:ba
17:03:27 Default DROP TCP
174.252.30.191 : 8144

192.168.2.2 : 8888
[SYN] len=60 ttl=251 tos=0x00 srcmac=0:1f:90:76:97:62 dstmac=0:4:75[:D]0:64:28
17:03:27 Default DROP TCP
192.168.1.16 : 53805

173.54.231.50 : 1608
[SYN] len=52 ttl=127 tos=0x00 srcmac=78:2b:cb:8f[:D]5:85 dstmac=0:13:72:81:97:ba
17:03:27 Default DROP TCP
192.168.1.16 : 53806

173.54.231.50 : 1608
[SYN] len=52 ttl=127 tos=0x00 srcmac=78:2b:cb:8f[:D]5:85 dstmac=0:13:72:81:97:ba
17:03:27 Default DROP TCP
192.168.1.16 : 53807

173.54.231.50 : 1608
[SYN] len=52 ttl=127 tos=0x00 srcmac=78:2b:cb:8f[:D]5:85 dstmac=0:13:72:81:97:ba
17:03:30 Default DROP TCP
174.252.30.191 : 8133

192.168.2.2 : 8888
[SYN] len=60 ttl=251 tos=0x00 srcmac=0:1f:90:76:97:62 dstmac=0:4:75[:D]0:64:28
17:03:33 Default DROP TCP
174.252.30.191 : 8133

192.168.2.2 : 8888
[SYN] len=60 ttl=251 tos=0x00 srcmac=0:1f:90:76:97:62 dstmac=0:4:75[:D]0:64:28
17:03:33 Default DROP TCP
192.168.1.16 : 53806

173.54.231.50 : 1608
[SYN] len=48 ttl=127 tos=0x00 srcmac=78:2b:cb:8f[:D]5:85 dstmac=0:13:72:81:97:ba
17:03:33 Default DROP TCP
192.168.1.16 : 53805

173.54.231.50 : 1608
[SYN] len=48 ttl=127 tos=0x00 srcmac=78:2b:cb:8f[:D]5:85 dstmac=0:13:72:81:97:ba
17:03:33 Default DROP TCP
192.168.1.16 : 53807

173.54.231.50 : 1608
[SYN] len=48 ttl=127 tos=0x00 srcmac=78:2b:cb:8f[:D]5:85 dstmac=0:13:72:81:97:ba


Any help would be appreciated.


This thread was automatically locked due to age.
  • 0
    Hi, ootuoyetahi, and welcome to the User BB!

    If you're a home user and are on V8.201, please download the V8.202 Up2Date, upload and update to 8.202.  Does that resolve this issue?

    Cheers - Bob
  • 0
    Thanks for the reply.
    I am a home user and I am downloading it now. Will reply with result after I try it.
  • 0
    Updated and rebooted and the problem still persists.
  • 0
    OK, the live log really doesn't have much information.  Try having the firewall and NAT rules logged, then show the two lines ("log" and "drop") from the full firewall log in logging.

    Cheers - Bob
  • 0
    Im not 100% sure this is what you were looking for, but I went to logging and view firewall log. This is what I found that referenced port 1608:

    2011:09:24-12:39:03 ootuoyetahi ulogd[5176]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="58697" dstport="1608" tcpflags="SYN" 
    2011:09:24-12:39:03 ootuoyetahi ulogd[5176]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="58698" dstport="1608" tcpflags="SYN" 
    2011:09:24-12:39:03 ootuoyetahi ulogd[5176]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="58699" dstport="1608" tcpflags="SYN" 
    2011:09:24-12:39:06 ootuoyetahi ulogd[5176]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="58698" dstport="1608" tcpflags="SYN" 
    2011:09:24-12:39:06 ootuoyetahi ulogd[5176]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="58697" dstport="1608" tcpflags="SYN" 
    2011:09:24-12:39:06 ootuoyetahi ulogd[5176]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="58699" dstport="1608" tcpflags="SYN" 
    2011:09:24-12:39:12 ootuoyetahi ulogd[5176]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="82.215.32.58" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="58740" dstport="31000" tcpflags="SYN" 
    2011:09:24-12:39:12 ootuoyetahi ulogd[5176]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="48" tos="0x00" prec="0x00" ttl="127" srcport="58697" dstport="1608" tcpflags="SYN" 
    2011:09:24-12:39:12 ootuoyetahi ulogd[5176]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="48" tos="0x00" prec="0x00" ttl="127" srcport="58698" dstport="1608" tcpflags="SYN" 
    2011:09:24-12:39:12 ootuoyetahi ulogd[5176]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="48" tos="0x00" prec="0x00" ttl="127" srcport="58699" dstport="1608" tcpflags="SYN"

    2011:09:24-18:00:35 ootuoyetahi ulogd[5175]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="55479" dstport="1608" tcpflags="SYN" 
    2011:09:24-18:00:35 ootuoyetahi ulogd[5175]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="55480" dstport="1608" tcpflags="SYN" 
    2011:09:24-18:00:35 ootuoyetahi ulogd[5175]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="55481" dstport="1608" tcpflags="SYN" 
    2011:09:24-18:00:38 ootuoyetahi ulogd[5175]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="55479" dstport="1608" tcpflags="SYN" 
    2011:09:24-18:00:38 ootuoyetahi ulogd[5175]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="55480" dstport="1608" tcpflags="SYN" 
    2011:09:24-18:00:38 ootuoyetahi ulogd[5175]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" initf="eth2" outitf="eth0" srcmac="78:2b:cb:8f[:D]5:85" dstmac="0:13:72:81:97:ba" srcip="192.168.1.16" dstip="173.54.231.50" proto="6" length="52" tos="0x00" prec="0x00" ttl="127" srcport="55481" dstport="1608" tcpflags="SYN"
  • 0
    Try changing your DNAT to a Full NAT with Source translation:  Internal (Address), leaving 'Source Service' empty.

    Cheers - Bob
  • 0
    Hi, the source IP in your logs is an internal IP.
    Is the webserver on the same LAN as that IP? If so, it's probably not going to work from inside.

    You can create internal DNS entries as a workaround, or put the server in a DMZ on a separate firewall interface.

    Barry
  • 0
    Of course!  Barry, I had my head into that other issue here and just assumed it was the same thing - where's that "egg on my face" symbol when ya need it!?!

    Accessing Internal or DMZ Webserver from Internal network

    Cheers - Bob
  • 0 in reply to BarryG
    Thanks again for all your help.

    They are on the same network. The computer I am using now is 192.168.1.16 and the webserver is 192.168.1.141. If what youre saying is true, I would suspect I wouldnt be able to reach the webserver running on port 80, but I can.

    Also, just to try and narrow the issue down, I created the attached rule and I AM able to successfully reach the webserver on port 1608.

    PS ill mail you a beer once this is working :-)
  • 0
    I bet you'd find that your port 80 access is being handled directly by the proxy.

    Cheers - Bob