HELP - Netgear WNDR4000 - Double NAT / Port Forward

Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware
Author Message
lifeisgoodenjoy
DD-WRT Novice


Joined: 31 May 2012
Posts: 7

PostPosted: Thu May 31, 2012 15:11    Post subject: HELP - Netgear WNDR4000 - Double NAT / Port Forward Reply with quote
First let me say I am new to ddwrt - and excellent work. I have used tomato for many years and have decided to give ddwrt a try on my new router purchase.

My Environment
A Netgear WNDR4000 running ddwrt big (dd-wrt.v24-18946_NEWD-2_K2.6_big-nv64k.bin). I have installed optware using the instructions at
http://www.dd-wrt.com/wiki/index.php/Optware,_the_Right_Way I have a double Nat setup - My WAN IP starts with 172.* - This cannot be changed - no point in wasting space with the why, no DMZ option either. I do have a public static IP but my ddwrt router cannot see it.

My Issue
This has not been an issue with other setups (tomato) so I know it can be done successfully, however currently no external requests can get to my internal servers. Internal requests work just fine so I know the servers are up, etc. dmesg shows a [DROP INVALID WAN] over and over, I'm not at home right now or I'd post it. The port forwards in iptables are present (nothing special atm - just 22, 80, and 443). It appears that ddwrt marks any request appearing to be from a private network arriving on the WAN port as INVALID and then drops it..... I desperately need to disable this feature. A cool checkbox in the web interface would be nice but I have no qualms about ssh'ing in.

I *need* this to work (part of my income) or i have to abandon ddwrt, currently my old tomato router is doing the grunt work but that needs to be replaced for other unrelated reasons. I will list iptables (iptables -nvL) later this evening but I thought I'd get this post out there in case anyone knows this off the top of their head and just hasnt had an opportunity to post it in the forums - any insight or ideas are very welcome. Thanks in advance Very Happy


Last edited by lifeisgoodenjoy on Fri Jun 01, 2012 13:31; edited 1 time in total
Sponsor
lifeisgoodenjoy
DD-WRT Novice


Joined: 31 May 2012
Posts: 7

PostPosted: Thu May 31, 2012 23:45    Post subject: Reply with quote
as promised above, i have attached the output of iptables. Any ideas? Has double NAT'd gateway been neutered from ddwrt?

I'm guessing it would just be extra rules added to the iptables but i dont know enough about iptables. I'd be happy to donate to something/someone if it resolves this quickly... Very Happy



iptables_-nvL_-t_nat.txt
 Description:
results of iptables -nvL -t nat

Download
 Filename:  iptables_-nvL_-t_nat.txt
 Filesize:  1.19 KB
 Downloaded:  65 Time(s)


iptable_-nvL.txt
 Description:
results of iptables -nvL

Download
 Filename:  iptable_-nvL.txt
 Filesize:  8.45 KB
 Downloaded:  82 Time(s)

lifeisgoodenjoy
DD-WRT Novice


Joined: 31 May 2012
Posts: 7

PostPosted: Thu May 31, 2012 23:53    Post subject: Reply with quote
almost forgot - attached is dmesg output showing what i believe are the drops


dmesg pipe tail -n50.txt
 Description:
dmesg output showing what i believe are the drops

Download
 Filename:  dmesg pipe tail -n50.txt
 Filesize:  9.5 KB
 Downloaded:  219 Time(s)

Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Forum Index -> Broadcom SoC based Hardware All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum