OpenWrt Forum Archive

Topic: I need to open all ports (DMZ) on every device connected to the router

The content of this topic has been archived on 21 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hi, I'm trying to open all ports on every single device connected to the router.

Is this possible?

I've tried almost everything.

I installed miniupnpd + the LuCI interface for this, tried port forwarding 1-65535 on every single device, and it still doesn't work. I have NAT restrict on the Xbox and terrible lag on the PC.

This is my configuration:

http://i.imgur.com/qofRpba.jpg

http://i.imgur.com/G3GTcjR.jpg

And this is my UPnP configuration. 192.168.1.20 is the IP of my PC.

http://i.imgur.com/rledXcG.jpg

This is the DMZ config on the modem. 192.168.0.10 is my router's IP.

http://i.imgur.com/I14ld4h.jpg

And here, I'm pretty sure I don't have to touch anything as long as DMZ is directed to the router's IP.

http://i.imgur.com/JAt9g6d.jpg

Am I missing something?

Also, is there any application to check what ports are open?

Thanks!

(Last edited by alelocooo on 28 Jul 2015, 14:39)

That's not how it works, you can't forward a port to several computers. miniupnpd should accomplish what you want if it's set up properly and the router's WAN port has a public IP address.

Each external port can only be forwarded to one port on one internal computer; think about it: when receiving a connection on port X, how is OpenWRT going to decide which computer should receive that connection?

arokh wrote:

That's not how it works, you can't forward a port to several computers. miniupnpd should accomplish what you want if it's set up properly and the router's WAN port has a public IP address.


So, on the router/UPnP, should I put the public IP address that the modem gives me? And that's it? After that can I remove everything on "port forwarding" and just configure the UPnP?

It surprises me that on both the firewall/port forwarding section and on UPnP on OpenWrt, it says "internal IP address"; it doesn't say anything about putting my public IP address.

Thanks!

(Last edited by alelocooo on 28 Jul 2015, 15:03)

You don't have to do anything. I just said make sure your WAN port (meaning interface, not TCP/IP port) has a public IP address. Specifically, that you do not have another router in front doing NAT. Just make sure miniupnpd is running properly and you should be fine.

(Last edited by arokh on 28 Jul 2015, 15:04)

eduperez wrote:

Each external port can only be forwarded to one port on one internal computer; think about it: when receiving a connection on port X, how is OpenWRT going to decide which computer should receive that connection?

So opening all ports on all devices is not possible?

arokh wrote:

You don't have to do anything. I just said make sure your WAN port has a public IP address. Specifically, that you do not have another router in front doing NAT. Just make sure miniupnpd is running properly and you should be fine.

Mmm... pretty sure both the modem and the router have DHCP on. I did this because the modem is wireless and I can get more range when I'm outside this way. Also, if I disable DHCP and set the modem as bridge only, I can't even access it.

With "you don't have to do anything", what do you mean? Should I remove everything I put on both the UPnP and port forwarding tabs?

Edit: I only have one router and one modem.

Edit 2: never mind, I give up, and I don't want to set the modem as bridge only so the router WAN has a public IP address. I'll just open the ports I need. Thanks anyway!

(Last edited by alelocooo on 28 Jul 2015, 16:38)

You can "open" all ports to all devices, if that means that any device can request any port using UPnP. But you cannot "forward" any port to several devices at the same time. In the first case each device asks for a port as it needs it, and the router will grant it, as long as that port is not in use already.

If your router does not have a public address, even if you open a port and forward it to a device, you are going to have to forward that port from the modem to OpenWrt too; and UPnP will not do that for you. Thus, you need to have a public IP on the router, put the modem in bridge mode, and connect all devices to the router.

It sounds to me like you may be double NATing (NAT twice, once through each router), which is going to break things. What device is "in front" of your OpenWrt router? Is it a modem or combination modem/router? You show screenshots of your OpenWrt router being in the DMZ of that other device. You should either bypass it if possible (making OpenWrt your primary router) or set it up in bridge mode (again making your OpenWrt the primary router). If neither of those is an option, OpenWrt needs to be configured as an access point only to avoid double NAT.

UPNP should be enabled regardless of the above to allow the Xbox to tell the router which ports it needs forwarded as needed.

(Last edited by drawz on 28 Jul 2015, 19:38)
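The double-NAT condition discussed in the replies above can be checked from the router's own shell. This is an added example, not part of the original thread: the function names `classify_wan_ip` and `nat_verdict` are hypothetical, and the live lookup assumes OpenWrt's `/lib/functions/network.sh` helper `network_get_ipaddr` with an interface named `wan`.

```shell
#!/bin/sh
# Added example: classify a router's WAN IPv4 address to spot double NAT.

# Prints one of: private, cgnat, special, public, invalid.
classify_wan_ip() {
    ip=$1
    case $ip in
        ''|*[!0-9.]*|*..*|.*|*.) echo invalid; return 0 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $ip            # split into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || { echo invalid; return 0; }
    for octet in "$@"; do
        [ "$octet" -le 255 ] 2>/dev/null || { echo invalid; return 0; }
    done
    a=$1; b=$2
    if [ "$a" -eq 10 ] ||
       { [ "$a" -eq 172 ] && [ "$b" -ge 16 ] && [ "$b" -le 31 ]; } ||
       { [ "$a" -eq 192 ] && [ "$b" -eq 168 ]; }; then
        echo private      # RFC 1918 ranges
    elif [ "$a" -eq 100 ] && [ "$b" -ge 64 ] && [ "$b" -le 127 ]; then
        echo cgnat        # RFC 6598, 100.64.0.0/10
    elif [ "$a" -eq 0 ] || [ "$a" -eq 127 ] || [ "$a" -ge 224 ] ||
         { [ "$a" -eq 169 ] && [ "$b" -eq 254 ]; }; then
        echo special      # unspecified, loopback, link-local, multicast/reserved
    else
        echo public
    fi
}

# Turns the class into the conclusion drawn in the thread.
nat_verdict() {
    case $(classify_wan_ip "$1") in
        private) echo "double NAT: the upstream device is still routing" ;;
        cgnat)   echo "carrier-grade NAT: the ISP translates upstream" ;;
        public)  echo "public address: no upstream NAT indicated" ;;
        *)       echo "not a usable WAN address" ;;
    esac
}

# On OpenWrt read the live WAN address; elsewhere fall back to the
# 192.168.0.10 address from the thread (router in the modem's DMZ).
if [ -f /lib/functions/network.sh ]; then
    . /lib/functions/network.sh
    network_get_ipaddr wan_ip wan || true
fi
wan_ip=${wan_ip:-192.168.0.10}
echo "WAN $wan_ip: $(nat_verdict "$wan_ip")"
```

A `private` or `cgnat` result means mappings created by miniupnpd on the OpenWrt router stop at the upstream device, which is the situation the DMZ setting was masking.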

Once you get this sorted out, I also suggest you install & configure luci-app-qos or luci-app-sqm to manage your bandwidth and help keep latency low.

(Last edited by drawz on 28 Jul 2015, 19:39)

You should definitely set it to bridge. It is a requirement to get "NAT open" on consoles.

If I set my modem as bridge, I have no access to it.

Is this common? Does it really matter?

If I set it on bridge, the ethernet cable should go to the router's WAN port, right?

Thanks!

(Last edited by alelocooo on 29 Jul 2015, 03:08)

We can help you a lot more if you tell us what device (brand, model #) you're using and with which ISP. It would also help to know how all of this is currently connected. I can't answer any of your questions without that info.

(Last edited by drawz on 29 Jul 2015, 03:30)

drawz wrote:

We can help you a lot more if you tell us what device (brand, model #) you're using and with which ISP. It would also help to know how all of this is currently connected. I can't answer any of your questions without that info.


Sure, Modem is a Cisco DPC3925. Screencaps of the tabs related to this:
http://i.imgur.com/tMMci9F.png
http://i.imgur.com/f5PDDC8.png
http://i.imgur.com/V6hmz98.png


Router: TP-Link TL-WR941N/ND v2

I have an ethernet cable connected from the modem to the WAN port of the router.
I already installed QoS; on "source host" I must pick my public IP address, right? (once I set up the modem as bridge only).

Both devices with DHCP on.

Thanks!

EDIT: I think I'm almost there. I set the modem as bridge, WAN is showing the public IP address, and I can access the router using one IP from the same range as the modem (192.168.0.11 in my case, WAN is 192.168.0.10):

http://i.imgur.com/YL39RBV.png

http://i.imgur.com/SJ8BFzi.png

What's next?

EDIT: here's my attempt

http://i.imgur.com/e9kW9lc.png


http://i.imgur.com/U85kfgP.png
I want my PC to have all the ports open + higher priority than other devices on the network. Am I doing it right?

(Last edited by alelocooo on 29 Jul 2015, 04:40)

So that Cisco device is a combination modem/router/VOIP gateway. Not sure if this will disable your VOIP (or if you use it), but you should set it up as a bridge if you want to use the OpenWrt router as a router. You are definitely getting double NAT right now, which is why you're having so many problems. Everything you're doing now is just making things worse - using DMZ does not help this. Reset OpenWrt to defaults after you configure the Cisco as a bridge and then reinstall/configure QOS & UPNP.

It looks like setting the Cisco to bridge is via Admin->Management->Working mode->Bridge?
Edit: looks like this may not be so easy. See this link: http://forums.whirlpool.net.au/archive/1809080

If you can't get it into bridge mode, just configure your OpenWrt as an access point to handle wireless and do all the port forwarding, QOS, UPNP, etc on the Cisco. This probably won't actually help you though, unless the wireless is unstable on the Cisco and that is its only problem.

The other option, which is far easier, but more expensive - buy a new cable modem that is just a modem without routing functionality. This is the typical set up when using OpenWrt.

But guys, I already set the Cisco as bridge as I said before.

I only need to know how to set up QoS/UPnP properly. I posted screenshots.

Yes, I reset the router a few hours ago.

On QoS: Source host is my public IP or the WAN IP?
On UPnP: is the config I posted in the screenshot in my last post fine?

Thanks.

Edit: on QoS, I tried my public IP and the modem's internal IP as 'source host', and nothing. I downloaded at top speed on both devices (I used Speedtest on my PC and my cellphone at the same time and it was 50-50, instead of 90% of the speed for my PC and 10% for the phone):
http://i.imgur.com/ugvTA5r.png

Also I got UPnP configured like this:
http://i.imgur.com/YmKQPkY.png

And one last question: now that I've got these two plugins, should I remove all the port forwarding rules on the 'firewall' tab?

EDIT: I think I managed to set up the UPnP correctly (I removed everything and now the Xbox shows NAT Open; however, I'd appreciate it if you know about a program so I can check if my PC has all ports open as well).

I would need help to make QoS work. My connection is 10Mb download 1Mb upload. I want my PC to have the highest priority over everything else. I checked the OpenWrt wiki but I couldn't understand it, and it seems like it's explained for non-LuCI GUI servers, so I'd really appreciate some help. Yes, I enabled/started it and rebooted the modem and still nothing.

Thanks.

(Last edited by alelocooo on 29 Jul 2015, 06:26)

Unless you want to redirect a specific port to a specific device, I would delete all forwarding rules.

Now, your UPNP is configured to allow ports 1024-65535 to computer on 192.168.0.20; if that is what you want, then it looks OK to me.
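The UPnP permission rules discussed in the reply above decide which LAN hosts may request which external ports, so they are worth auditing after a "just open everything" session. This is an added example, not part of the original thread: it assumes the rules live in OpenWrt's `/etc/config/upnpd` as `perm_rule` sections with `action`, `ext_ports` and `int_addr` options, the sample file is constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit miniupnpd permission rules in OpenWrt UCI syntax.

# Constructed sample, not the poster's real file.
sample_upnpd_config() {
    cat <<'EOF'
config upnpd 'config'
    option enabled '1'
    option secure_mode '1'

config perm_rule
    option action 'allow'
    option ext_ports '1024-65535'
    option int_addr '0.0.0.0/0'
    option int_ports '1024-65535'

config perm_rule
    option action 'allow'
    option ext_ports '1024-65535'
    option int_addr '192.168.0.20/32'
    option int_ports '1024-65535'

config perm_rule
    option action 'deny'
    option ext_ports '0-65535'
    option int_addr '0.0.0.0/0'
    option int_ports '0-65535'
EOF
}

# Reads UCI text on stdin; prints one finding per "allow" rule.
audit_upnp_acl() {
    tr -d "\"'" | awk '
    function report(   p) {
        if (!in_rule || action != "allow") return
        split(ext, p, "-")
        if (addr == "0.0.0.0/0")  print "any-host " ext
        else if (p[1] + 0 < 1024) print "low-ports " addr " " ext
        else                      print "scoped " addr " " ext
    }
    $1 == "config" { report(); in_rule = ($2 == "perm_rule"); action = ext = addr = ""; next }
    $1 == "option" && $2 == "action"    { action = $3 }
    $1 == "option" && $2 == "ext_ports" { ext = $3 }
    $1 == "option" && $2 == "int_addr"  { addr = $3 }
    END { report() }'
}

if [ -r /etc/config/upnpd ]; then audit_upnp_acl < /etc/config/upnpd
else sample_upnpd_config | audit_upnp_acl; fi
```

An `any-host` line means every device on the LAN, including ones you do not manage, can ask the router to expose itself to the internet; a `scoped` line limits that to the one address named.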

Yeah, thanks, it seems I was able to open the ports I wanted, and in the meantime I fixed the double NAT thing thanks to you guys.

However, the miniupnpd thing is an absolute disaster lol. If I do a speedtest with that turned on it shows I have 0.8mb of download bandwidth lol. I'm googling a bit more about it; if it still doesn't work I'm removing it.

Thanks everyone for your help!

miniupnpd does nothing to affect your speed, it's merely an agent for opening ports automatically. It can however report the speed of the connection, which by default is set to 1024/512 KB (uplink/downlink) and can be configured in luci. I guess that is what your speed test is reporting.

This screenshot clearly shows you are not in bridge mode. Setting up DMZ and pointing it to your other router is not the same thing!

http://i.imgur.com/f5PDDC8.png

arokh wrote:

miniupnpd does nothing to affect your speed, it's merely an agent for opening ports automatically. It can however report the speed of the connection, which by default is set to 1024/512 KB (uplink/downlink) and can be configured in luci. I guess that is what your speed test is reporting.

Sorry, I meant the QoS plugin.

drawz wrote:

This screenshot clearly shows you are not in bridge mode. Setting up DMZ and pointing it to your other router is not the same thing!

http://i.imgur.com/f5PDDC8.png

Yeah, as I said before, I already changed that; it's on bridge mode now.

Did you reset OpenWrt to defaults? Your attempted port forwards don't help?
Also can you show us a screenshot of bridge mode on your Cisco modem/router?

The discussion might have continued from here.