It's sexy and such, but not working like I'd like it to.

[Ardrias]

Right. Got myself a Netgear DG834G modem/router/wireless combo thingie. Took me about 1 minute to set it up and access the internet, so that was sweet.

However, cant get it to open ports. Well, it says ports are open, but I cant connect through them. Put my PC as DMZ for the time being, to get around the problem, but thats not really a great solution should I get more PC's.

So anyone had any experience with this sexy toy, or got any ideas regardless?

 

[babs]

You say they're open, are you forwarding them to the PC?

 

[Clown]

Make sure you don't have another rule like, ALLOW ALL to another computer, which is higher in the rule list than the one you want.

 

[Ardrias]

Yes I am forwarding them to the PC. I've tried both forwarding to all addresses, and to just the one PC. Oh well, need to contact support anyhow... The bugger hangs when I aint using it. Bit gay to have to reboot it each time I start my PC.

 

[Cyradix]

Have you tried the latest firmware?

http://kbserver.netgear.com/support_details.asp?dnldID=673

 

[Ardrias]

Yes.








And it didn't work.
I fkin work with this shit every day, but I am totally stumped when I've done all the troubleshooting I can think of, and it's still bitching. Oh well.

 

[Quige]

I've just got one of these ... as far as I'm aware it's port forwarding OK .. . at least to the extent that my mail server is receiving mail. I haven't updated to the latest firmare yet as I haven't had any problems, other than my partners old 3Com Airconnect not wanting to talk 128-bit WEP to it, and it can be problematic I understand. There is a Router recovery utility on their site to use if a firmware update goes wrong.

What does your firewall rulebase look like? (though can understand if you don't want the world to see it )

 

[Ardrias]

Just one port for a P2P application, and a few for some games. And I dont want to share them.

Havent bothered anymore really, just blocking the ports that I get attacked on. It's opening that is the real problem tho. Oh well, DMZ will do until I can be arsed.

 

[Quige]

I'll just outline how I've got my rules set up in case it helps. Apologise if I'm telling you things you well know already

For Outbound Services I've just got one rule that essentially says;

- for any service always allow from any LAN IP to any WAN IP.

For Inbound Serives I have a few rules that are like this;

- for x Service always allow to a particular internal LAN IP from any WAN IP.

Then right at the bottom I have the default rule which is to always block;

- for any service always block to any LAN IP from any WAN IP.

The order is important in that they process from the top to the bottom.

I had to add a couple of non standard services into the router to use in the rule base. Depending on your apps these need to either be TCP, UDP or sometimes 2 rules covering both.

Generally it's better to close everything down and only open up what you need. If you need to block an individual IP I would expect a rule like that to be right at the top of the rule base above your normal services section;

- for any service always block to any LAN IP from a particular WAN IP.

 

[Ardrias]

Mmm, I is been a daft **** about the order of them. *bows head in shame*

Thanks for the pointers.

 

[Clown]

Which is what I said in my first post

 

[Quige]

Thanks for the pointers.

No probs ..
You still getting the hanging problem? Trying to decide whether to go for the firmware upgrade or not ... trying to hang onto the principle that if you haven't got a problem leave it alone, but the "they only release these things to fix problems" urge to put it on is still fighting back. Did you have the hanging thing before the firmware upgrade or is it something that happened after you did it?

 

[Ardrias]

Nah, hanging gone since a week or so. Dunno what it was, some virgin period with my ISP or something... (If thats an expression I can use, and make sense at the same time.)

Sorry Clown, I'm a blind fuck.

 

[Clown]

While I'm here, I'm going to bring up a problem I have with this router. The ADSL connection drops sometimes, with the router diagnostics saying something like 'LCP allowed to come up'... the router then can't connect back up to the ADSL line without me turning it off then on, or rebooting it.

Any ideas?

 

[Ardrias]

Thats the 'hang' I was refering to. I couldnt access the router itself either tho. It just stopped after a week, as I said, so cant help you much with it tho

 

[Quige]

I've not experienced this hanging as yet, and the only time I've seen the diagnostics looking like that, stuck at 'LCP allowed to come up' was when BT provisioning had told my ISP the line was enabled, when in fact no work had been done at the exchange at all. I guess it was trying to lock onto the ADSL signal and never could.

Looking at my logs the next stage should be the CHAP authentication. Maybe it sometimes has problems with this.

LCP down.
Wed, 2004-04-21 23:42:57 - Initialize LCP.
Wed, 2004-04-21 23:42:57 - LCP is allowed to come up.
Wed, 2004-04-21 23:43:01 - CHAP authentication success

Sorry I can't help.