cancel
Showing results for 
Search instead for 
Did you mean: 
Replies are disabled for this topic. Start a new one or visit our Help Center.

Forwarded Ports not Forwarding

XxNovaz
Community Member

Hello,

     I have Google Fiber and a few months ago, they had the house change over to Google Wifi, replaced the router with two small Google Wifi routers. This issue started after the equipment changed.

     Essentially, I am attempting to forward a few ports to setup a gaming server. This is something that I have done many times before, and I have double check every spot on the device and it is all fine. The Port Forwarding rules were added using the Google Home app (with no errors and they all are appearing as they should) however, after checking with a port scanner, I see that all ports that should be forwarded are closed.

     My first suspicion was having a Double NAT issue, but the WLAN address for the router matches my IP address, so I do not think this is a problem.

     Just to give an idea of my setup:
Fiber Jack (where the Fiber comes into the house) connects directly to the primary Google Wifi Router. This Router is connected to a secondary Google Wifi Router, setting up a mesh network and is connected via ethernet to a 4 port switch for the devices that have to use a wired connection (the server machine is one of them). The switch is a basic, unmanaged switch so there are no settings to adjust on it. 

     Everything was working fine before the hardware was exchanged. According to the Home App, the ports should be forwarded but nobody outside of the local network is able to connect and using a port-checker shows they are closed.

 

     Additional Information that may be relevant: 

     -The device that I am trying to forward the ports for is set to have a Static IP (both through the device and the Home App)

     -The device is a Linux OS specifically for server hosting.

10 REPLIES 10

olavrb
Platinum Product Expert
Platinum Product Expert

What ports? Could be that your ISP blocks common inbound ports like 53, 80, 443, 445, 3389.

Could also help to set static IP for the device(s) in question by using a DHCP reservation. And turn of device MAC randomization, which might be enabled by default for privacy reasons.


I don't work for Google.

XxNovaz
Community Member

Thank you for the reply, the ports I have tried have been:

25565

2302

1725

     I have also tried raising and lowering these by a few (and changing the ports the server is using accordingly) and using a port range that is inclusive for these ports.

     I have set the IP for the device using the DHCP Reservation and MAC randomization is disabled.

 

Edit: ISP has also remained the same, I am not aware of any changes other than the hardware.

olavrb
Platinum Product Expert
Platinum Product Expert

I remember I struggled when port forwarding for my NAS running Plex as well. What was especially confusing was the wording in the Google Home app. "Internal port(s)" vs. "External port(s)". One would think that "External port(s)" is the port when coming from internet, but it's the other way around. So for my working port forwading, the Google Home app says:

  • <port on NAS> => <port on Nest Wifi router>

Which makes no sense really. The connections are inbound, coming from internet, first hitting the Nest Wifi router, then port forwarded to the port on my NAS.

Could that be it? Or do you have the same exact port for both internal and external?


I don't work for Google.

XxNovaz
Community Member

That is one of the permutations that I have tried (with the same port on both).

Example: 

25565 -> 25565 (TCP/UDP)

olavrb
Platinum Product Expert
Platinum Product Expert

Try a TCP trace route to try to see where it stops?

For instance from a computer connected to mobile hotspot connected to 4G / GSM.


I don't work for Google.

XxNovaz
Community Member

Running a traceroute on the Linux machine for port 25565 yields the following:

First hop goes to the primary router

Hops 2-4 time out

Hop 5 hits what I believe to be my ISP (mci.googlefiber.net).

Hop 6 hits opendns

Hop 7 hits an IP address which I believe is opendns
Hops 8-30 all timeout.

In theory, it is making the round trip to the destination (opendns), but the ports are still appearing as closed when I use a Port Scanner.

 

Thanks again for your time in helping with this issue.

olavrb
Platinum Product Expert
Platinum Product Expert

Did you TCP traceroute to your own public/ external IP, or to OpenDNS? The point is to check wether you can reach your Raspberry Pi from the internet, thus you must TCP tracerpute to your WAN IP on the port you've port forwarded. Preferably from a device that is not already inside your network, thus I suggested you do it from something connected to your phone (which connects to internet with GSM/ 4G/ LTE).

If Nest Wifi port forwarding is done correctly, we know that part works. Now you have to troubleshoot the rest, which is not really a Nest Wifi problem. Do some digging and troubleshooting, and you'll eventually get it to work. Common stoppers are:

  • Double NAT
  • Firewall/ ACL on the device you are port forwarding to. Which you should absolutely should configure/ add for a device that will be reachable from internet.
  • Mixing up WAN port vs. LAN port, TCP vs. UDP vs. both, inbound/ ingress vs. outbound/ egress.

I don't work for Google.

XxNovaz
Community Member

My apologies.

After running a traceroute from outside of the network, I am getting no response at all.

EdwardT
Community Specialist
Community Specialist

Hi folks,

 

@olavrb, thanks for the help!

 

@XxNovaz, thanks for reaching out. I'm sorry to hear that you're having an issue with port forwarding. Thanks for trying the steps that olavrb provided. If you're still having issues with this, please fill out this form so we could investigate further.

 

Thanks,

Edward

EdwardT
Community Specialist
Community Specialist

Hi XxNovaz,

 

We got your form — thanks for filling it out. Our team will reach out to you via email to further assist you. Please keep your lines open as they may reach out to you anytime soon. Also, please be advised that this thread will be locked after 24 hrs.

 

Thanks,

Edward