Port working stopped working (sort of)

[Pho]

Hi all,

I'm pretty stumped with this, been messing around with it for hours but no joy - I know it'll be something stupid .

At our old office we have a Netgear DG834PN router which has several port forwards set-up - several to a Server 2003 machine running there, a few to a backup NAS machine etc.

All of this was working fine until the other week, and I don't think anyone has changed anything (it's unlikely anyone would). I did install DHCP server on Server 2003 but I've since unauthorised/stopped that so it shouldn't be doing anything anymore (although I can't be sure).

Port forwards work fine to the office server but fail to other machines. I've even redirected say port 80 from the office server (which works fine) to another machine and it still fails - I've confirmed this by trying to connect from several locations.

Internally I can access everything, if I VPN into the server I can access everything (both bypassing NAT I presume).

SSHing into the router or looking at its logs in the web admin everything looks ok, it's going to the right IP, the right port, and the clients shouldn't be blocking the connection (they weren't before) but the connection never happens (I'm testing with telnet which should work):

Sun, 2011-05-15 00:21:41 - TCP Packet - Source:88.110.x.x,32443 Destination:192.168.0.90,2121 - [FTP_NAS match] <-- NAS machine, fails (2121 IS the right port)
Sun, 2011-05-15 00:22:04 - TCP Packet - Source:88.110.x.x,32444 Destination:192.168.0.7,80 - [HTTP match] <-- office server, works

Does any one have any clues? I've even resorted to Wireshark with no joy.

Cheers!

 

[Pho]

Bump. Anyone got any ideas?

 

[Pho]

Fixed! As I know how annoying it is when someone doesn't leave an answer I'll explain what I did.

It looks like what happened was that on the backup box (a Netgear ReadyNAS) it had lost its gateway settings which must have meant that it got confused and couldn't route the data back to the remote hosts (but had no problem doing it internally).

I started to get a bit suspicious when I could ping internal sites from the NAS but when I tried to ping an external site I got an error:

NAS:~# ping www.google.com
connect: Network is unreachable

I have SSH access to the box so when I ran:

route -nee

I would get the following response:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface    MSS   Window irtt
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0     0     0      0

When Googling around for information on this I read somewhere that there should be an entry to map the 0.0.0.0 gateway address to the router.

Once I added the gateway IP back to the NAS I got the following output:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface    MSS   Window irtt
192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0     0     0      0
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 eth0     0     0      0

Resulting in both being able to ping from the NAS and port forwarding working straight away.

Presumably this must have happened to the other hosts I tried to port forward to as well.