NAT Configuring NAT

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking
Author Message
truehomie35
DD-WRT Novice


Joined: 27 May 2019
Posts: 22

PostPosted: Fri Jun 14, 2019 19:30    Post subject: NAT Configuring NAT Reply with quote
Hi,

can anyone advise how to configure NAT rule if i have multiple source ports on wide range 49000-51000

Any know-how???

whats the difference between
port forwarding/port range forwarding/port triggering

when i activete them all, my connection freeze


Last edited by truehomie35 on Mon Jun 17, 2019 14:50; edited 2 times in total
Sponsor
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 5129
Location: Akershus, Norway

PostPosted: Fri Jun 14, 2019 19:53    Post subject: Reply with quote
Sorry, don't understand. Can you explain what you are trying to achieve?
eibgrad
DD-WRT Guru


Joined: 18 Sep 2010
Posts: 8034

PostPosted: Fri Jun 14, 2019 19:56    Post subject: Reply with quote
NAT what? The dd-wrt router?

When it comes to NAT'ing over the WAN of the router, you don't normally NAT based on the source port, but on the source IP. If you're referring to something besides the router, you're going to have to be more specific.

_________________
DD-WRT: DNS Leak Detection w/ VPNs (updated 6/5/19)
NEW SCRIPT!: ddwrt-mount-usb-drives.sh
NEW SCRIPT!: ddwrt-blacklist-domains.sh
NEW SCRIPT!: ddwrt-ovpn-remote-access.sh
NEW SCRIPT!: ddwrt-pptp-policy-based-routing.sh
truehomie35
DD-WRT Novice


Joined: 27 May 2019
Posts: 22

PostPosted: Fri Jun 14, 2019 20:21    Post subject: Reply with quote
Sorry, you are right!

I mean do you think this is enough for simple NAT config ?

[img][/img]
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 5129
Location: Akershus, Norway

PostPosted: Fri Jun 14, 2019 20:36    Post subject: Reply with quote
You have to fill in the "Port from".

Port from: The port on the router's WAN
Port to: The port on the machine on the LAN.

You can only use a given port on the WAN of the router once.

Why have you masqued out parts of the private addresses? No need to, as they are only valid in your LAN.
truehomie35
DD-WRT Novice


Joined: 27 May 2019
Posts: 22

PostPosted: Fri Jun 14, 2019 20:54    Post subject: Reply with quote
Thank you very much for all the info provided.
Well noted.

Understood everything except:

Per Yngve Berg wrote:


You can only use a given port on the WAN of the router once.



i can't create more than 1 rule entry ? or i should disable rules for other ports which are currently unused ?


Last edited by truehomie35 on Fri Jun 14, 2019 21:21; edited 2 times in total
Per Yngve Berg
DD-WRT Guru


Joined: 13 Aug 2013
Posts: 5129
Location: Akershus, Norway

PostPosted: Fri Jun 14, 2019 21:05    Post subject: Reply with quote
Let's say you have a web server on 10.20.33.1.

It uses port 443 which is https. You forward port 443 to 10.20.33.1:443

If another machine is also serves port 443, it's now occupied on the router and cannot be used by the second machine. You then have to forward another port i.e 1443 to 10.20.33.2:443

The client accessing from the WAN also have to specify WAN IP:1443 to use the second server.
truehomie35
DD-WRT Novice


Joined: 27 May 2019
Posts: 22

PostPosted: Fri Jun 14, 2019 21:20    Post subject: Reply with quote
Now it seems clear.
Thank you once again for sorting this out!
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 3787
Location: Netherlands

PostPosted: Sat Jun 15, 2019 8:10    Post subject: Reply with quote
The question still remains what are you trying to achieve?

Port forwarding is normally used when you are wanting to make/start a connection from outside to a client on the inside.

I have an OVPN server running and an FTP server and I want to connect from the internet to those so I have to port forward to the OVPN server and the FTP server

Port range Forwarding actually does the same but is used more if you want to open extra ports from the outside for a particular client like a download PC where you want to open extra ports for the transmission client

You can use a specific port only once

For connections started from the inside you do not need any port forwarding

_________________
Routers:Netgear R7800, Netgear R6400v1, Netgear R6400v2, Linksys EA6900 (XvortexCFE), Linksys E2000 (converted WRT320N), WRT54GS v1.
Install guide Linksys EA6900: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=291230
Simple PBR (Policy Based Routing) script: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318662
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN server setup guide:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
truehomie35
DD-WRT Novice


Joined: 27 May 2019
Posts: 22

PostPosted: Sat Jun 15, 2019 13:46    Post subject: Reply with quote
egc wrote:
The question still remains what are you trying to achieve?

Port forwarding is normally used when you are wanting to make/start a connection from outside to a client on the inside.

I have an OVPN server running and an FTP server and I want to connect from the internet to those so I have to port forward to the OVPN server and the FTP server

Port range Forwarding actually does the same but is used more if you want to open extra ports from the outside for a particular client like a download PC where you want to open extra ports for the transmission client

You can use a specific port only once

For connections started from the inside you do not need any port forwarding


I wanted to activate NAT bcz i ve been hearing it increases security. I dont want to open ports for any inbound connection or something,
truehomie35
DD-WRT Novice


Joined: 27 May 2019
Posts: 22

PostPosted: Sat Jun 15, 2019 14:00    Post subject: Reply with quote
I ve looked into WAN access tab to specify access to a specific interface and I didnt find vlan0 for some reason..

Is it OK? vlan0 is my current WAN interface..

[img][/img]
egc
DD-WRT Guru


Joined: 18 Mar 2014
Posts: 3787
Location: Netherlands

PostPosted: Sat Jun 15, 2019 15:02    Post subject: Reply with quote
You are really confused

My advice: reset the router to defaults and do not touch it until you know what you are doing

Instead of making the router more secure you are punching holes in your firewall.

The firewall is active by default.

So is NAT

_________________
Routers:Netgear R7800, Netgear R6400v1, Netgear R6400v2, Linksys EA6900 (XvortexCFE), Linksys E2000 (converted WRT320N), WRT54GS v1.
Install guide Linksys EA6900: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=291230
Simple PBR (Policy Based Routing) script: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318662
Install guide R6400v2:http://forum.dd-wrt.com/phpBB2/viewtopic.php?t=316399
OpenVPN server setup guide:
https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=318795
Install guide R7800: https://forum.dd-wrt.com/phpBB2/viewtopic.php?t=320614
truehomie35
DD-WRT Novice


Joined: 27 May 2019
Posts: 22

PostPosted: Mon Jun 17, 2019 14:50    Post subject: Reply with quote
Disregard my questions. I have switched to tomato and feel great. Have fun!
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Advanced Networking All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You cannot download files in this forum