windows 7 firewall blocks edge traversal(port forward from router)

10
2013-10
  • Jiechao Li

    I am trying to set up a website on my windows 7 machine. I opened a 'inbound rule' in firewall to open port 8000. When I try to visit the port from another computer in my home network, it works fine.

    However, I also want people outside my home network to visit my website. So I set up a port forwarding on my home router, to forward port 8000 to 8000. When I try to visit the port from outside, it does not work. I have a linux server in my home and set up the port forward, and it works fine.

    So I am sure that the router is set correctly, and the real problem is in windows firewall. The fact is that local computer in my home network can visit the port while outside computer cannot. And in the inbound rule, which is set in windows firewall, I select 'Allow edge traversal' explicitly, but it still does not work.

    Anyone can help me?

    Thanks a lot!

    • Answers
  • Sector95

    If a user can access the website from inside the network, but an outside user cannot, it's almost always a NAT problem on the router.

    But just in case, lets say it's not a router problem.

    You would want to check to make sure that the scope of the Windows Firewall rule allows all IP addresses, and not just those that are within your local subnet.


    • Related Question

    How to set up port forwarding and firewall settings for torrents using Transmsission on Mac OSX 10.5.8 with Netgear Wireless Router DG844GT?
  • Liz

    I have picked up bits of advice here and there on the internet and got someway through this tortuous exercise (after it took 18 hours to download the first torrent I tried yesterday - magnet-link for a film).

    Where I have got stuck is with configuring the firewall on the Netgear Router but I am not sure if I have caused the problem myself by something else I have done configuring the Mac System Preferences for Security or Networking.

    I have been following the sections of these instructions that seem to apply, although they are written for a different OSX version (don't know which one, but the screen shots do not match what I see) and I am not wanting to set up my Mac as a server and attending to the parts that apply to port forwarding for Netgear rather than LinkSys:

    http://homepage.mac.com/car1son/static_port_fwd_intro.html

    I have been trying to follow these instructions:

    Instructions for DG834, DG834G, DG824M, FR114W, FM114P, FR114P, FR328S, FVL328, FVS328, FVS338, FVX538, FWAG114, FWG114P, or FVS318v3

    These routers do port forwarding by assigning port numbers to a "service" associated with the application you want to run. "Rules" are set for particular services. Rules block or allow access, based on various conditions such as the time of day and the name of the service.

    To Create a New Inbound or Outbound Rule

   1. Submit the router's address in an Internet browser. (The default is 192.168.0.1).
   2. Enter the router's username and password.
   3. From the main menu, click Security > Rules.
   4. Click Add for inbound or outbound traffic, as appropriate to the application you are planning to run.
   5. Select the Service. The services the router knows about are listed in the drop down. If the service you want is not listed, add it as described in the next section.
   6. Select the Action, for example ALLOW always.
   7. For Send to LAN Server, enter the IP address of the local server. Note that this is also the IP address the computers on your LAN will access.
   8. For WAN User choose Any, or limit access to particular IP addresses.
   9. For Log selection it is reasonable to turn logs on, especially at the beginning when you are unsure of the result of the changes you are making. Later, you may want to set logs to "Never" for performance reasons.
  10. Click Apply.

As noted in user manual for some models:

    * Consider using the Dynamic DNS feature on the Advanced menu, so that external users can find your network when the DHCP lease is renewed by your ISP.
    * If your own LAN server uses DHCP, and your IPs change on rebooting, consider using the Reserved IP Address feature in the LAN IP menu.

To Add a Service for These Routers

   1. Click Security > Services > Add Custom Service.
   2. Enter any name you choose for the service.
   3. Select whether the service is to use TCP or UDP. If you are unsure, select both.
   4. Enter the lowest port number used by the service.
   5. Enter the highest port number used. If the service uses only one port number, enter the same number.
   6. Click Apply.

    There is no "Security -> Rules" submenu in the Netgear page, so I have been trying to access "Security -> Firewall Rules".

    I can access everthing else in the Netgear settings as Admin but I cannot get the "Firewall Rules" section to open up. (I am not 100% sure I will know exactly what to do if and when I do get it opened up!)

    I haven't managed to find though searching the internet any instructions that would seem to apply specifically to what I am trying to achieve, so would be very grateful if someone could either point me in the right direction or give me some advice directly.

    Best wishes, Liz


    • Related Answers
    Know someone who can answer? Share a link to this question via email, Google+, Twitter, or Facebook.