New router, new question on port forwarding

ingeborgdot

Pulling my weight
Joined
May 7, 2017
Messages
609
Reaction score
144
Location
Scott City, KS
I recently got a new router, an Asus RT-AC86U with Merlin 384.19 firmware. I am very new to the router and have some questions about getting the port forwarded. Does anyone have an Asus 86U router or even an Asus. It has been a LONG time since I did my setup with my old router and also with Blue Iris.
Do I just need to have Service Name, External port, internal ip, protocol filled in? Any advice would be appreciated. When I don't do something for years, I sometimes need a refresher. :)
Thanks.
 

SouthernYankee

IPCT Contributor
Joined
Feb 15, 2018
Messages
5,170
Reaction score
5,320
Location
Houston Tx
I have an Asus router running standard ASUS software.

I Strongly recommend against using port forwarding, it is a security risk. I recommend setup an inbound VPN on the router. Setup OpenVPN on the router, believe that it is part of the merlin software.

----------------------------------------------
My general VPN post
There are two types of VPN, do not get them confused.
The type depends on where the traffic conversation (traffic) originates

1) origination: local home network, destination the internet.
This type of VPN is purpose to hides your activity from the internet, it is outbound, it normally costs a monthly fee to use. Direction is from your home PC to the internet, going to your bank, google, porn sites,,,, this not what you want. This VPN uses a VPN server that is in the middle of your communications.

2) Origination: the internet world wide web, destination: your home network.
This VPN type is used to provide a secure connection onto your local network, in bound to you local home network, from your office computer, your cell phone in your car, tablet at the coffee shop.. This is what you want, it does not have a monthly fee and is normally completely free. OpenVPN is this type of VPN.

A video on the paid VPN.

Hacked VPNs
 

Eric Bernhardt

Young grasshopper
Joined
Oct 4, 2019
Messages
38
Reaction score
4
Location
United States
Service name is up to you for recognition. External port, usually twice for a range, should be "81" in Blue Iris unless you changed it within BI (I'm assuming you're using Blue Iris). Protocol is TCP and UDP. Internal IP is the LOCAL IP of your server. Internal port is also "81" unless otherwise specified. You can go to canyouseeme.org to see if the port is successfully visible from the internet.
 

ingeborgdot

Pulling my weight
Joined
May 7, 2017
Messages
609
Reaction score
144
Location
Scott City, KS
Service name is up to you for recognition. External port, usually twice for a range, should be "81" in Blue Iris unless you changed it within BI (I'm assuming you're using Blue Iris). Protocol is TCP and UDP. Internal IP is the LOCAL IP of your server. Internal port is also "81" unless otherwise specified. You can go to canyouseeme.org to see if the port is successfully visible from the internet.
In the past, I did not use 81, but a 5 digit port #. It has worked fine for several years.

So, when you say usually twice for a range, are you saying I should type in example # and not mine 56788:56788 for beginning and end.
 

ingeborgdot

Pulling my weight
Joined
May 7, 2017
Messages
609
Reaction score
144
Location
Scott City, KS
I have an Asus router running standard ASUS software.

I Strongly recommend against using port forwarding, it is a security risk. I recommend setup an inbound VPN on the router. Setup OpenVPN on the router, believe that it is part of the merlin software.

----------------------------------------------
My general VPN post
There are two types of VPN, do not get them confused.
The type depends on where the traffic conversation (traffic) originates

1) origination: local home network, destination the internet.
This type of VPN is purpose to hides your activity from the internet, it is outbound, it normally costs a monthly fee to use. Direction is from your home PC to the internet, going to your bank, google, porn sites,,,, this not what you want. This VPN uses a VPN server that is in the middle of your communications.

2) Origination: the internet world wide web, destination: your home network.
This VPN type is used to provide a secure connection onto your local network, in bound to you local home network, from your office computer, your cell phone in your car, tablet at the coffee shop.. This is what you want, it does not have a monthly fee and is normally completely free. OpenVPN is this type of VPN.

A video on the paid VPN.

Hacked VPNs
I may take a shot at VPN. I'll have to study up on it first. Then I'll try to see how it works. Thanks.
 

Eric Bernhardt

Young grasshopper
Joined
Oct 4, 2019
Messages
38
Reaction score
4
Location
United States
In the past, I did not use 81, but a 5 digit port #. It has worked fine for several years.

So, when you say usually twice for a range, are you saying I should type in example # and not mine 56788:56788 for beginning and end.
Yes, exactly. Same port both times :):thumb:
 

Eric Bernhardt

Young grasshopper
Joined
Oct 4, 2019
Messages
38
Reaction score
4
Location
United States
I tried putting in two like I showed but it won't accept that. It will only accept the 56788 once
It may also be possible you have a port conflict...? (spiballing here) And my old networking days want to tell me not to use a port over 49151...not sure that matters though. I use pFsense, so I haven't used a conventional router in a while personally, but I do set up 1-2 Blue Iris servers a week using the exact methods I described originally.
If you want to use a port other than 81, you do need to specify it in BI, but that wouldn't prevent your router from accepting the port forward change.
 

Attachments

Eric Bernhardt

Young grasshopper
Joined
Oct 4, 2019
Messages
38
Reaction score
4
Location
United States
I would try it, what could it hurt, right?
On internal, enter 56788-56788, and on external enter 56788-56788. I know you definitely need to have a port (or range or ports) specified on both
 

ingeborgdot

Pulling my weight
Joined
May 7, 2017
Messages
609
Reaction score
144
Location
Scott City, KS
I have an Asus router running standard ASUS software.

I Strongly recommend against using port forwarding, it is a security risk. I recommend setup an inbound VPN on the router. Setup OpenVPN on the router, believe that it is part of the merlin software.

----------------------------------------------
My general VPN post
There are two types of VPN, do not get them confused.
The type depends on where the traffic conversation (traffic) originates

1) origination: local home network, destination the internet.
This type of VPN is purpose to hides your activity from the internet, it is outbound, it normally costs a monthly fee to use. Direction is from your home PC to the internet, going to your bank, google, porn sites,,,, this not what you want. This VPN uses a VPN server that is in the middle of your communications.

2) Origination: the internet world wide web, destination: your home network.
This VPN type is used to provide a secure connection onto your local network, in bound to you local home network, from your office computer, your cell phone in your car, tablet at the coffee shop.. This is what you want, it does not have a monthly fee and is normally completely free. OpenVPN is this type of VPN.

A video on the paid VPN.

Hacked VPNs
How hard is it to set up your VPN? Is there some tutorials out there? Thanks.
 

vandyman

Getting comfortable
Joined
Jul 24, 2018
Messages
555
Reaction score
1,620
Location
US
Openvpn is the way to go.
Setup Openvpn on your router with the defaults, Use OpenVPN app on your mobile device and generate a certificate on your router to use on your mobile configuration.
 

eggsan

Getting comfortable
Joined
Jul 24, 2015
Messages
619
Reaction score
528
my IPS provider charge a monthly fee ($25) for an static IP, not allowing for DNS services (dynamic IP). If that is the only case, any work around to allow tunnel VPN?
 

ingeborgdot

Pulling my weight
Joined
May 7, 2017
Messages
609
Reaction score
144
Location
Scott City, KS
What is the reason I would need it on my mobile device? I would use it on my computers and surveillance camera server.
 
Top