Netgear FVS124G Blocking Ports

Have a question or want to start a discussion? Post it! No Registration Necessary.  Now with pictures!

Threaded View
I have a Netgear FVS124G, and even though i have enabled FTP on the
Firewall it is still blocking Incoming FTP to my server.  AOL
messenger will also not run on the standard 5190 port.  I have
everything set up properly, and when the Netgear folks load my config
they say it works in their lab.  Basically below is a summary of the
current situation

1-  Netgear Router on my network, i cannot accept incoming FTP and
cant run AOL messenger.  I get the FTP welcome message that comes on
port 21, but nothing else.  Everything else seems to work.

2- Plug in my old Linksys router, and i can accept incoming FTP and
run AOL Messenger.

3-  If I plug my Netgear into my neighbors CABLE connection, I can
accept FTP connections and AOL run fine.

4-  All Outgoing ports are open

5-  Plug directly into my modem, I can accept incoming FTP and run AOL
messenger.

I tried 2 different Westell DSL Modems, and also a Netopia DSL modem.
The Netgear will not work with either, the Linksys works with both.  I
even got an RMA from Netgear and the replacement didnt work.  I am
running the latest firmware also, and also tried previous firmware
versions.

Oddly I see this in the Netgear Logs

MON JUL 30 19:42:53 2007 time="2007-07-30 19:42:46 Mon " proto=6- tcp
packet -  Source:=64.12.161.185 - Destination:=74.229.74.163 -
[Checksum mismatch, dropping packet Src 2801 Dst 5190 from WAN n/w]

MON JUL 30 19:44:44 2007 time="2007-07-30 19:44:23 Mon " proto=6- tcp
packet -  Source:=207.69.235.28 - Destination:=74.229.74.163 -
[Checksum mismatch, dropping packet Src 21 Dst 1422 from WAN n/w]

If any one has any suggestions it would be greatly appreciated!

Thanks,
Donnie


Re: Netgear FVS124G Blocking Ports
Quoted text here. Click to load it

Then that should tell you that there is nothing wrong with the router.

Quoted text here. Click to load it

Some routers don't play well with some devices.



Re: Netgear FVS124G Blocking Ports
dwishard@gmail.com wrote:

Quoted text here. Click to load it

there is a general problem that sometimes one device is only accepts
things strictly, and another sends it leniently. That's just a theory.
I have had a computer that only accepted one of my monitors. A ps2-usb
adaptor that worked in one comp and not another. But another ps2-usb
adaptor worked in both. As far as I am concerned, the one that didn't
work in all of them is bad, it's not reliable(in a portable sense).

If netgear won't give you a refund, you could try asking for a
different model of netgear router.

You could try changing the cable(telephone cable going from wall to
router). Maybe the packet is getting corrupted there.

It could be that the packet being sent is corrupt, and is getting
accepted, by other routers you tried, and your OS.  You could check the
checksum yourself, looking at it with a packet sniffer like ethereal.
Maybe the packet sniffer will check it. I don't know the calculation
offhand.

One thing you could try is changing the MTU. It's a setting that might
be related to the IP Header. Try 1500, maybe another value, just to
test. I searched for ping 1500, You could try
http://www.opus1.com/www/ping.html
That should ping your machine with different sized packets - you
specify the size. It'd be interesting if some get through and not
others. Put ethereal on your machine and watch.
Hopefully your router doesn't block pings / allows you to tell it to
allow them)

Those are really wild suggestions though, stabs in the dark. I'm sure
others can do better.

Another suggestion could be to try doing what you are doing locally. So
just using the switch aspect of your "home router", see if that works
or not.
It looks like you've already tried from different source comps. You
could try a different ISP (in uk some dialup ISPs are free to sign up
and are PAYG , and they'd go through a different router). It could be
your ISP's router that is playing up a bit.


gtg!
 
  
  

--


Re: Netgear FVS124G Blocking Ports
On Jul 31, 9:20 am, "jameshanle...@yahoo.co.uk"
Quoted text here. Click to load it

Yeah that could be.  Here is an interesting tidbit from the Netgear
FVS124G log.

MON JUL 30 19:42:53 2007 time="2007-07-30 19:42:46 Mon " proto=6- tcp
packet -  Source:=64.12.161.185 - Destination:=74.229.74.163 -
[Checksum mismatch, dropping packet Src 2801 Dst 5190 from WAN n/w]

MON JUL 30 19:44:44 2007 time="2007-07-30 19:44:23 Mon " proto=6- tcp
packet -  Source:=207.69.235.28 - Destination:=74.229.74.163 -
[Checksum mismatch, dropping packet Src 21 Dst 1422 from WAN n/w]

It looks like the FTP and AOL are experiencing checksum mismatches.
What I don't understand is I gave this to Netgear Escalation Support
in CA, and they have not given me any answer on it.  They did give me
a new BETA firmware, but it didnt work.  I have in the meantime also
treid 3 different DSL modems, and nothing has changed.  Who in the
world would be the right folks to contact regarding the checksum?  I
guess it could be my line, but it could also be a Firmware bug no?

thanks!
Donnie


Re: Netgear FVS124G Blocking Ports
Kilimanjaro wrote:

Quoted text here. Click to load it

you said you tried the netgear with a cable modem, in your friend's
house. and it worked

But in your house, your tried it with dsl modems and it didn't work.
Whereas a linksys worked with those modems.  It could be that your
netgear router has a problem with DSL modems.

That would be my suspicion thus far.

i.e. this may not be some conflict between isp and router involving
packets.

Try the netgear with a DSL modem, at the house of a friend that has
DSL! There's a good change it won't work!

Another variable is ISP. If your friend has a different ISP, and it
screws up, then it really points to it being netgear's issue with DSL
modems.

your computer isn't a variable because the problem sort of occurs
before reaching it.

Most people using DSL, have a router/modem unit. Not 2 separate units.
They may get 2 separate units though, if they need better features from
the router.  Though actually, I have not yet seen a plain dsl modem,
they all seem to use NAT and be a router. Maybe USB ones are but I
doubt it. I had a westell which the retailer thought was a plain modem,
but turned out it had NAT and DHCP, and no doubt I suppose did routing.
You can prob use your Westell and take the netgear router out the
picture - though the Westell would prob only have primitive router
features compared to the separate  router unit. Or use your linksys
router.  Or if all your DSL friends had the same ISP, you could change
the ISP variable by changing ISP !!  This was a silly paragraph from
me, but the paragraphs above are ok!

If the new firmware doesn't work, that's one less thing they can ask
you to do before offering a replacement or refund of some sort. But if
you do your own diagnosis, it may mean you find the problem to the
extent that for example, maybe you want them to send a different model
or something. Maybe you'd want them to do that anyway!

I can describe something in theory that'd help diagnose it. Set up a
linux router with a packet sniffer and check the CRC. Whether it is a
mismatch and other routers are accepting it. Problem could be at ISP
Router. Or whether it isn't a mismatch, and this netgear router is
screwing up - with DSL modems.

Here's an easier test.. Use your linksys router, then connect your
netgear into that one. See if your netgear rejects packets for CRC
reasons.. If it does, then you can actually check the CRC, with a
packet sniffer like ethereal.  From any windows machine connected to
the linksys instead of the netgear.


--

Re: Netgear FVS124G Blocking Ports
On Aug 9, 7:32 pm, "jameshanle...@yahoo.co.uk"
Quoted text here. Click to load it

I like the last 2 suggestions and will try them when I get back in
town.  Bellsouth is sending a tech out to check my line for a problem
on Monday too.  Unfortunately I am the only moron in my small hood
that has DSL...the others have cable.  I actually do not think any of
my friends have DSL.  The funny thing is, Netgear took my config,
loaded it into a router at their lab, and it worked just fine with DSL
(so they say).  The reason I am set on this router is 2 fold.  1, I
upgraded my whole network to gigabit hardware, and my old Linksys is
not real good at not freezing up after a few days.  2, I cannot return
it to where I bought it, as they only had a 14 day return policy.  I
blew through that time period trying to fix it and waiting on Netgear
to ship me a replacement, as they said it was a bad unit.  The
replacement didnt work either :)  so, I am stuck with this and need to
get it working.  I will let you know if I get any further on this.

thanks again!





Re: Netgear FVS124G Blocking Ports

 
Quoted text here. Click to load it

You got two shots here to make it work.

I) Get a modem that works with the router.
2) Get a router that works with the modem.

Re: Netgear FVS124G Blocking Ports
Quoted text here. Click to load it

:)  that is true.  in searching, it seem i am the only person with the
Netgear issue.  i find that impossible.  what is perplexing is that i
have tried 4 different DSL modems.  maybe its not the modem, and its
the Router / DSL network combination?  one more note, the AOL
messenger on port 5190 doesnt work, but if i manually set its port to
13, it works.  I just dont know who i need to beat up on this,
Bellsouth/ATT or Netgear?  The router logs definitely show checksum
mismatches for the services that dont work (AOL on 5190, and FTP on
20/21)...


Re: Netgear FVS124G Blocking Ports
Quoted text here. Click to load it

I have an Update.  The bellsouth guy came out, and the line is just
fine, no surprise there.

What I managed to do though, was take my DSL modem out of bridged
mode.  I let the DSL modem handle the PPPOE negotiation, and set the
Netgear to just use the IP address its assigned from the modem.  I
then set up NAT on the modem for FTP.  I used the pre-canned FTP
definition in its pre-loaded NAT services.  I then ran my FTP test,
and it worked.

So the problem seems to be around the fact that when I put the modem
in bridged mode, I then start seeing ports blocked.  The question is
what is causing the issue.  The modem going to bridged mode, or the
Netgear handling the connection.  Any ideas?


Re: Netgear FVS124G Blocking Ports
On Jul 31, 9:20 am, "jameshanle...@yahoo.co.uk"
Quoted text here. Click to load it

Netgear had me try the MTU, that didnt work.  Also, I allowed ALL
incoming and ALL outgoing (default) via the rules, and still nothing.
If i FTP internally, ftp works, which makes sense as its not getting
to the FVS124G.  I had this same issue with another Netgear (WGR614),
but i could return that one to the store minus a restocking fee.  This
is really frustrating as the router logs I think points to the issue.

Donnie


Site Timeline