Port forwarding suddenly stopped working..

[TheWhiteKnight]

I've noticed for awhile after an old android app update that the wan connection was slow to connect and load vs the speed on lan but I put up with it and double notifications for the same alert for awhile. I don't know if that helps at all but suddenly I can't connect at all by wan now.

Thought it was due to the newest mobile app update because I was still able to connect to wan while on lan until I realized it doesn't work at all outside of the network. I keep getting a "connection timed out" error whether on mobile, web or canyouseeme.

I can't figure out why the port forwarding just closed on its own on this RT-AX88U, while still showing the rule and the setting enabled. I didn't do any thing except maybe a new windows update but no settings were changed anywhere and it was all working fine. I just suddenly noticed the app wasn't pushing notifications then saw the issue.

There's nothing special about the setup at all regarding VPN, DNS, HTTPS etc. I've tried rebooting router by power cable and updating the firmware, disabling windows firewall and rebooting PC etc. I was also still on V4 of BI but I went to 5.5.7 and it's still the same. Again the forwarding rule was working fine and it's still there without issues on port 81. I changed it all to 8181 but it's still timing out.

Pretty stumped here any ideas?

*Remote Access Wizard/Test all green except failing the final test that checks the external port is visible to internet.

 

[fenderman]

Confirm that the pc's local ipaddress did not change

 

[TheWhiteKnight]

That's usually the first thing I check and comcast barely refreshes them as much as they used to so haven't needed to in a long time but yes it's all the same.

 

[TonyR]

Check to see if that Windows update you mentioned changed your LAN type to "Public", should likely be "Private".
I had a chiropractor's workstation PC get updated like that last fall and kept it from reaching the server on their LAN.

 

[fenderman]

That's usually the first thing I check and comcast barely refreshes them as much as they used to so haven't needed to in a long time but yes it's all the same.

You misunderstood. You LOCAL ip address of the pc not your external WAN address. The port forward rule is specific to a local address.

 

[TheWhiteKnight]

Check to see if that Windows update you mentioned changed your LAN type to "Public", should likely be "Private".
I had a chiropractor's workstation PC get updated like that last fall and kept it from reaching the server on their LAN.

You were correct it did do that, I moved the network back to private but port is still timing out. I have tried disabling windows firewall, zonealarm and the routers firewall all at once and still nothing! There's no other filtering enabled and the router has no other issues and was performing flawlessly. Not sure how else I can isolate the issue. There's only one router in the network as well.

You misunderstood. You LOCAL ip address of the pc not your external WAN address. The port forward rule is specific to a local address.

Yes I check both of them, the LAN does match in the rule.

 

[fenderman]

You were correct it did do that, I moved the network back to private but port is still timing out. I have tried disabling windows firewall, zonealarm and the routers firewall all at once and still nothing! There's no other filtering enabled and the router has no other issues and was performing flawlessly. Not sure how else I can isolate the issue. There's only one router in the network as well.



Yes I check both of them, the LAN does match in the rule.

first check to confirm the port is open

Open Port Checker

Check for open ports on your network fast and easy. Great if you are port forwarding! Save results & view them later.

ipcamtalk.com

if it still blocked and you are using the correct settings, its likely a firewall rule.
You can also try deleting the rule and recreating it.

 

[TheWhiteKnight]

Checker showed it failed, port closed and I've tried deleting and recreating it already to no avail. I even forced the rule name to be Blue Iris thinking it had to be exactly that, I've disabled and re-enabled the port forwarding master button, rebooted everything multiple times and did another round of the newest windows updates hoping it would unbreak something but something has it blocked off like i've never seen before.

Instinct like you says it's firewall/filter related and/or windows update modified something else but again I've tried disabling all that which almost always is SUPPOSED to fix the issue, at least temporarily but isn't in this case.

 

[fenderman]

Checker showed it failed, port closed and I've tried deleting and recreating it already to no avail. I even forced the rule name to be Blue Iris thinking it had to be exactly that, I've disabled and re-enabled the port forwarding master button, rebooted everything multiple times and did another round of the newest windows updates hoping it would unbreak something but something has it blocked off like i've never seen before.

Instinct like you says it's firewall/filter related and/or windows update modified something else but again I've tried disabling all that which almost always is SUPPOSED to fix the issue, at least temporarily but isn't in this case.

you can step up your security and use zerotier or vpn and solve your problem that way. Zonealarm has been known in the past to cause remote connection issues with port forward. Try uninstalling.

 

[TheWhiteKnight]

Yeah I was planning on tackling that as soon as I solved this issue before jumping to the next level but it might be my only way out now, and in ZA's defense it has performed flawlessly for well over a decade. I double checked its rules and tried manual mode which shows every single connection attempt, there were no updates done on the app or any changes made with it before it occurred too.

Is the vpn used together with https in BI? Can you recommend a thread or resource to follow in setting it up properly? Happy to do whatever is considered best practice now and get away from the risk of an ip change while travelling!

 

[TheWhiteKnight]

I'm also wondering if this newer looking feature for port triggering could be used instead of port forwarding for BI?

[Wireless Router] Port Trigger introduction and set up | Official Support | ASUS Global

"WAN - Port Trigger ~ Port Trigger allows you to temporarily open data ports when LAN devices require unrestricted access to the Internet. There are two methods for opening incoming data ports: port forwarding and port trigger. Port forwarding opens the specified data ports all the time and devices must use static IP addresses. Port trigger only opens the incoming port when a LAN device requests access to the trigger port. Unlike port forwarding, port trigger does not require static IP addresses for LAN devices. Port forwarding allows multiple devices to share a single open port and port trigger only allows one client at a time to access the open port."

 

[TheWhiteKnight]

Problem 80% resolved! It turns out it was a combination of both windows having made it public instead of private (I failed to reboot after making the change) and also after the reboot it did not work until I snoozed ZA and tried again then Finally I got the prompt for a blue iris connection attempt. So technically you were both correct! I remember snoozing ZA before but it did not prompt any connection attempt, I believe changing to private network finally allowed that. Oddly enough when I unsnooze ZA now it can't connect again despite allowing BI completely, only snoozing it works now which is a separate issue in itself.

So i'm back to the old problem where it loads very slowly on wan vs lan. I think this has something to do with ZA having a huge backlog of about 115k access attempts blocked since installation and over 5000 programs being secured (endless duplicates) and this all hangs the system because it freezes just from trying to load the list. There's no way to clear it afaik beside reinstalling so I will take your advice and retire ZA as I can't afford to have this issue randomly occur again.