Cannot connect to router for remote management

montana_suse_user · September 29, 2013, 4:46am

I have a problem that has not been solved for quite some time now.

I have a desktop computer hardwired to an Asus router, connected to a cable modem.
I have a laptop computer hardwired to a Netgear router, connected to a DSL modem.

I have internet connection from both routers and web browsing (Firefox) and email (Evolution - pop) work properly.
Both routers are configured to allow remote management access. They are both using port 8080, although I have tried other ports.

I can access the Netgear router (on the DSL line) from my desktop computer (on the cable) and can make changes to the settings.
I cannot access the Asus router (on the cable) from my laptop computer (using the DSL line).

If I change the cables from the computers to the routers, and make a change to the settings in the routers so they connect to the internet, the no access problem follows the cable modem. This effectively eliminates any problem with the computers, cables and routers.

I contacted the company providing the cable access and asked if any ports were being blocked. They assured me that they do not block any ports.
I contacted the manufacturer of the cable modem (Motorola SB6141) and they had me connect directly to the modem and showed me there are no blocks.
The cable company brought out a brand new modem, which I installed and the problem was still there.

If I open Firefox, and in the address bar, type in the IP address of the cable modem followed by a colon and the port number, I get absolutely no response. Nothing. Do the same for the address of the DSL modem and I get the log in popup.

The Asus router comes with access to a DDNS server that created a domain name for me. Using the domain name, followed by the port number results in the same situation.
I can however, access the router using Fireftp and move files on and off the USB drives on the router. FTP uses port 21, doesn’t it? In any case the standard port for ftp is open and working on both lines.

I’m pretty much convinced that the cable system is blocking the ports I need. I don’t think they are intentionally lying to me about using blocks, although they don’t seem to be able to figure out the problem.

I know this is not an openSuse problem, but I also know that the best experts in the world are here on these forums. I thought I’d ask.

How do I do a port scan on my cable connection to verify which ports are available? Is there anything else I can do to track down the problem?

Bart

nishanth9042 · September 29, 2013, 5:07am

Here are the questions that needs to be answered by you.

1.Have you enabled dhcp servers in both the routers.If so what are their ranges.
2.If you are able to manage from one router to another what address did you type in the address bar because when you want to manage router from remote location you need to enter the internet address i.e public ip address which the router gets. example : 205.67.42.31:8080

first check your internet address and then try to manage remotely with that address:8080.Make Sure you enable Remote Management option

deano_ferrari · September 29, 2013, 5:11am

Have you checked port status of target (or remote) host with nmap? Some good examples here

Top 30 Nmap Command Examples For Sys/Network Admins

eg

nmap -p 8080 <IP address of host>

lwfinger · September 29, 2013, 5:15am

On 09/28/2013 09:56 PM, montana suse user wrote:
>
> I have a problem that has not been solved for quite some time now.
>
> I have a desktop computer hardwired to an Asus router, connected to a
> cable modem.
> I have a laptop computer hardwired to a Netgear router, connected to a
> DSL modem.
>
> I have internet connection from both routers and web browsing (Firefox)
> and email (Evolution - pop) work properly.
> Both routers are configured to allow remote management access. They are
> both using port 8080, although I have tried other ports.
>
> I can access the Netgear router (on the DSL line) from my desktop
> computer (on the cable) and can make changes to the settings.
> I cannot access the Asus router (on the cable) from my laptop computer
> (using the DSL line).
>
> If I change the cables from the computers to the routers, and make a
> change to the settings in the routers so they connect to the internet,
> the no access problem follows the cable modem. This effectively
> eliminates any problem with the computers, cables and routers.
>
> I contacted the company providing the cable access and asked if any
> ports were being blocked. They assured me that they do not block any
> ports.
> I contacted the manufacturer of the cable modem (Motorola SB6141) and
> they had me connect directly to the modem and showed me there are no
> blocks.
> The cable company brought out a brand new modem, which I installed and
> the problem was still there.
>
> If I open Firefox, and in the address bar, type in the IP address of the
> cable modem followed by a colon and the port number, I get absolutely no
> response. Nothing. Do the same for the address of the DSL modem and I
> get the log in popup.
>
> The Asus router comes with access to a DDNS server that created a domain
> name for me. Using the domain name, followed by the port number results
> in the same situation.
> I can however, access the router using Fireftp and move files on and off
> the USB drives on the router. FTP uses port 21, doesn’t it? In any
> case the standard port for ftp is open and working on both lines.
>
> I’m pretty much convinced that the cable system is blocking the ports I
> need. I don’t think they are intentionally lying to me about using
> blocks, although they don’t seem to be able to figure out the problem.
>
> I know this is not an openSuse problem, but I also know that the best
> experts in the world are here on these forums. I thought I’d ask.
>
> How do I do a port scan on my cable connection to verify which ports are
> available? Is there anything else I can do to track down the problem?

A connection between your computer and the router for management of the latter
should have nothing to do with the cable modem. In fact, you should be able to
connect to the router even if it is not connected to the router or the Internet.
I do not know the details about the Asus router, but I connect to my Netgear
router using port 80. I just put the router’s LAN IP address (192.168.1.1) into
the address box of the browser and hit ENTER. Up pops the login screen.

Your assumption that the cable company is blocking ports is wrong. A modem just
converts the digital data to/from the transport medium, and does no
interpretation. Of course, it you try to access the router’s WAN address, its
firewall, not the modem, may reject the access. In fact, I need to configure
port forwarding for any port that the outside can access inside my LAN - I run
internal HTTP and SVN servers. Neither of these is hosted on the router.

montana_suse_user · September 29, 2013, 5:24am

Yes. The Netgear router is using 192.168.1.x and the Asus is using 192.168.3.x. In any event, I’m not moving the connections from the computers to the routers, only the router to modem is changed.

2.If you are able to manage from one router to another what address did you type in the address bar because when you want to manage router from remote location you need to enter the internet address i.e public ip address which the router gets. example : 205.67.42.31:8080

first check your internet address and then try to manage remotely with that address:8080.Make Sure you enable Remote Management option

That is what I do. I’ll open the router settings page of the router I want to manage and record the address shown. I then use that address, followed by a colon and the port number. The ip of the cable modem seems to stay pretty static, although it’s not guaranteed but the ip of the DSL varies quite regularly. When the Asus router is connected to the cable modem, the one that doesn’t work, I can use the DDNS address and the colon so I needn’t look it up. The DDNS name works for FTP, so I know it is correct.

robin_listas · September 29, 2013, 5:28am

On 2013-09-29 04:56, montana suse user wrote:

…

> I know this is not an openSuse problem, but I also know that the best
> experts in the world are here on these forums. I thought I’d ask.

Right now I’m totally confused. Maybe being 5 AM does not help.
If you can draw a diagram it could help

> How do I do a port scan on my cable connection to verify which ports are
> available? Is there anything else I can do to track down the problem?

With ‘nmap’. That’s the tool for port and IP scan - on a local
network. I’m unsure about the legality across internet.

It has a lot of options, but it is CLI. You need reading the man page.
Without any it does a quick scan:


Telcontar:~ # nmap router

Starting Nmap 6.25 ( http://nmap.org ) at 2013-09-29 05:14 CEST
Nmap scan report for router (192.168.1.1)
Host is up (0.0053s latency).
Not shown: 997 closed ports
PORT     STATE SERVICE
23/tcp   open  telnet
80/tcp   open  http
1900/tcp open  upnp
MAC Address: F8:*:*:*:*:* (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 0.45 seconds
Telcontar:~ #

Another tool is traceroute:


Telcontar:~ # traceroute -T -p 22 AmonLanc.valinor
traceroute to AmonLanc.valinor (192.168.1.*), 30 hops max, 40 byte
packets using TCP
1  AmonLanc.valinor (192.168.1.*)  0.372 ms   0.310 ms   0.283 ms
Telcontar:~ #

Telcontar:~ # traceroute -T -p 23 AmonLanc.valinor
traceroute to AmonLanc.valinor (192.168.1.*), 30 hops max, 40 byte
packets using TCP
1  * * *
2  * * *
3  * * *
4  * * *
5  * * *
6  * * *
7  * * *
8  * * *
9  * * *
10  * * *
11  * * *
12  * * *
13  * * *
14  * * *
15  * * *
16  * * *
17  * * *
18  * * *
19  * * *
20  * * *
21  * * *
22  * * *
23  * * *
24  * * *
25  * * *
26  * * *
27  * * *
28  * * *
29  * * *
30  * * *
Telcontar:~ #

–
Cheers / Saludos,

Carlos E. R.
(from 12.3 x86_64 “Dartmouth” at Telcontar)

montana_suse_user · September 29, 2013, 5:57am

I understand that, and in fact, use it to find the WAN address to use for remote access. I have no problems accessing either router locally, I just cannot access the router that is currently connected to the cable modem.

Your assumption that the cable company is blocking ports is wrong. A modem just
converts the digital data to/from the transport medium, and does no
interpretation.

That’s what Motorola told me and actually had me connect directly to the modem and access it’s software to show me that there are no settings that I can configure at all. It just modulates and demodulates.

Of course, it you try to access the router’s WAN address, its
firewall, not the modem, may reject the access. In fact, I need to configure
port forwarding for any port that the outside can access inside my LAN - I run
internal HTTP and SVN servers. Neither of these is hosted on the router.

If the Asus router is connected to the DSL modem, I can access it remotely.
If the Asus router is connected to the cable modem, I cannot access it remotely.
If the Netgear router is connected to the DSL modem, I can access it remotely.
If the Netgear router is connected to the cable modem, I cannot access it remotely.

I make only two changes: The cable from the router to the modem and one setting in the router so it will log on if connected to the DSL line or not if connected to the cable modem.

Bart

hendersj · September 29, 2013, 6:05am

On Sun, 29 Sep 2013 02:56:02 +0000, montana suse user wrote:

> If I open Firefox, and in the address bar, type in the IP address of the
> cable modem followed by a colon and the port number, I get absolutely no
> response. Nothing. Do the same for the address of the DSL modem and I
> get the log in popup.

What about using telnet to that port? Do you get a response?

Some routers define a “management port” as a “remote management port”,
meaning that the port isn’t reachable from the private network, but is
intended for access to the management UI from outside the network.

Jim

Jim Henderson
openSUSE Forums Administrator
Forum Use Terms & Conditions at http://tinyurl.com/openSUSE-T-C

arvidjaar · September 29, 2013, 6:12am

You need to configure cable modem to forward port 8080 from external internet interface to port 80 of your internal Asus address. How to do it is best asked on forum dedicated to your cable modem or may be ISP.

montana_suse_user · October 1, 2013, 11:04pm

There are no settings in the cable modem that I can change. If I forward the port as you propose, only in the router, the router would not hide that port when I have it set to not accept remote configuration. If I scan the port, while either router is connected to the DSL connection, the port shows as open when the router is set to allow remote configuration. 8080 does not show when the router is set to not allow remote configuration.

In other words, either router will allow or block remote configuration, depending on it’s setting, when it is connected to the DSL modem. Neither will allow it when connected to the cable modem. I have tried different cable modems.

Bart

montana_suse_user · October 1, 2013, 11:37pm

I went into the setting of the netgear router. I forwarded the port 8080. I set it to allow ping. I have remote management turned on. I ran nmap and it still does not show port 8080 as being open. Part of the output from nmap says

 all 1000 scanned ports on XX.XX.XX.XX are filtered.

This line does not show up when I run nmap against the DSL connection.

Bart