> On Tuesday 31 May 2011 17:43 in comp.os.linux.networking, somebody
> identifying as Philip wrote...
>> Aragorn wrote:
>>> On Tuesday 31 May 2011 02:21 in comp.os.linux.networking, somebody
>>> identifying as Philip wrote...
>>>> I have a WRT54G. Everythig was working fine until today.
>>>> I had ports 80 (http), 443 (https) and ports 20-22 (ftp and ssh)
>>>> forwarded to a internal static IP (192.168.1.140) server. I also had
>>>> port 8082 forawarded to internet camera with the static IP
>>>> Today I bought a new internet camera to replace one that failed. I
>>>> set it up as another static IP 192.168.1.150 on port 8081 and set
>>>> the WRT54G to forward to it.
>>> So, judging by what you are saying here, I take it that you have
>>> *two* cameras, and that your layout is something like...
>>> Would that be correct, or are there any other machines still on your
>>> LAN (and if so, how many)?
>> Using your nomenclature, my local network looks like this
>> ________WRT54G router
>> | | |
>> | | bridge (office)
>> | | |
>> | wireless |
>> | | |_ port 20______
>> | | |_ port 22______|
>> | | |_ port 80___server 192.168.1.140 Fedora12 webserver
>> | | |_ port 443______|
>> | | |
>> | | |_ 192.168.1.nnn (dhcp) WindowsXP
>> | |
>> | |_ port 8081__ camera1 192.168.1.150
>> | |_ port 8082__ camera2 192.168.1.151
>> |___________________ 192.168.1.nnn (dhcp) Fedora14 misc
>> DLink DHP-301 powerline adapters
>> bridge (media console)
>> |_ port 8000 192.168.1.101 (dhcp) Fedora14 mpd music
>> |_ 192.168.1.nnn (dhcp) media box Fedora14
>> |_ 192.168.1.nnn (dhcp) BD-Player Sony BDP-S370
>>>> Now for some inexplicable reason, everything works except for ports
>>>> 80 and 443. In other words ssh, ftp and internet cams are accessible
>>>> from outside. However, when I try to access the the webserver, I can
>>>> see that the forwarding is not working. The browser responds asking
>>>> for a WRT54G login/password. If I try to access the webserver
>>>> directly at 192.168.1.140 it works fine. So clearly the WRT54G is
>>>> picking on ports 80 for some reason. It is not my ISP blocking the
>>>> port as I can see the login/password prompt indicating it is my
>>>> WRT54G domain.
>>> If you have more machines or appliances on your LAN than what you've
>>> mentioned here, then chances are that you'll be using a switch to
>>> uplink to your router - I myself have a WRT54GL [*] and it has only 4
>>> ethernet ports for LAN. As such, it is quite possible that you've
>>> created a conflict by swapping ethernet cables around.
>> Yes I have a couple of bridges as I noted in the layout above.
> By "bridges", I take it you mean "switches"?
>> Here is a table of what is working and what is not:
>> Application Start End Protocol IP Address Enable
>> http 80 80 Both 192.168.1.140 yes NO
>> ssh 22 22 Both 192.168.1.140 yes YES
>> ftp 20 21 Both 192.168.1.140 yes YES
>> cam1 8081 8081 Both 192.168.1.150 yes YES
>> torrent 6881 6999 Both 192.168.1.103 no
>> cam2 8082 8082 Both 192.168.1.151 yes YES
>> https 443 443 Both 192.168.1.140 yes NO
>> mpd 8000 8000 Both 192.168.1.101 yes NO
>>> You will need to check on IP address/MAC address mismatches. If
>>> you're using an external switch to connect to your router, try
>>> resetting the switch by unplugging it from the power outlet for a few
>>> seconds and then plugging it in again. Also make sure that
>>> everything is still set up in the router's configuration utility as
>>> it is supposed to be. You may also need to reset the router,
>>> depending on what the actual problem is.
>> I reset every bridge and rest every computer. After some
>> experimentation, I believe that the router is in a bad state. I did
>> hard reset it before posting here the first time, but I reloaded a
>> previously saved configuration (which may be corrupted?).
> Such corruption *is* possible...
>> I am going to hard reset it back to factory defaults and manually
>> reconfigure it. I'll have to do that later as it would disrupt some
>> work I need to complete first.
> Okay... Well, I hope that'll work.
>> Why do I think the router is in a bad state? Well I tried disabling
>> all the forwarded ports, but the router continued to forward to the
>> working servers. When I access from the internet side, the Router's
>> http server is clearly grabbing all the http packets and not
>> forwarding them.
> That does indeed suggest corruption, and since you've reset the machine,
> the corruption must be in a saved state, i.e. in the configuration file
> on the router.
>>> Sorry - best educated guess I can make at this point. Only _you_
>>> know what you've done. ;-)
>> Very true. I do appreciate the time you spent on thoughtfully looking
>> at my problem.
> Considering that I'm not a network/router specialist, it was the best I
> could do. :-)
>>> [*] I believe your router is an earlier model, so I'm not familiar
>>> with its firmware. (Mine runs Linux "out of the box".)
>> Yes, this is a non-linux model, v3-something, I think. I'd have to
>> wrestle it out of a closet to read the specific model version label.
> Perhaps it would be best if you keep us posted on your progress. That
> way, people experiencing similar problems can find this thread again
> and more correctly diagnose the problem on their end.
> Also, I don't know whether your router supports this, but it might be
> worth your time investigating an upgrade of the firmware, or replacing
> it with DD-WRT or something of the likes (if that is possible).
> Good luck! ;-)
I solved the problem.
Turing off the UPnP on the new camera restored sanity to my network. Now
all is well and I can access my web server again.
Thanks to all with the hints. It helped me pinpoint the issue.