Re: Netgear FVS124G Blocking Ports

Kilimanjaro wrote:

On Jul 31, 9:20 am, "jameshanle...@xxxxxxxxxxx"
<jameshanle...@xxxxxxxxxxx> wrote:
dwish...@xxxxxxxxx wrote:
I have a Netgear FVS124G, and even though i have enabled FTP on
the Firewall it is still blocking Incoming FTP to my server. AOL
messenger will also not run on the standard 5190 port. I have
everything set up properly, and when the Netgear folks load my
config they say it works in their lab. Basically below is a
summary of the current situation

1- Netgear Router on my network, i cannot accept incoming FTP and
cant run AOL messenger. I get the FTP welcome message that comes
on port 21, but nothing else. Everything else seems to work.

2- Plug in my old Linksys router, and i can accept incoming FTP
and run AOL Messenger.

3- If I plug my Netgear into my neighbors CABLE connection, I can
accept FTP connections and AOL run fine.

4- All Outgoing ports are open

5- Plug directly into my modem, I can accept incoming FTP and
run AOL messenger.

I tried 2 different Westell DSL Modems, and also a Netopia DSL
modem. The Netgear will not work with either, the Linksys works
with both. I even got an RMA from Netgear and the replacement
didnt work. I am running the latest firmware also, and also
tried previous firmware versions.

Oddly I see this in the Netgear Logs

MON JUL 30 19:42:53 2007 time="2007-07-30 19:42:46 Mon " proto=6-
tcp packet - Source:=64.12.161.185 - Destination:=74.229.74.163 -
[Checksum mismatch, dropping packet Src 2801 Dst 5190 from WAN
n/w]

MON JUL 30 19:44:44 2007 time="2007-07-30 19:44:23 Mon " proto=6-
tcp packet - Source:=207.69.235.28 - Destination:=74.229.74.163 -
[Checksum mismatch, dropping packet Src 21 Dst 1422 from WAN n/w]

If any one has any suggestions it would be greatly appreciated!

Thanks,
Donnie

there is a general problem that sometimes one device is only accepts
things strictly, and another sends it leniently. That's just a
theory. I have had a computer that only accepted one of my
monitors. A ps2-usb adaptor that worked in one comp and not
another. But another ps2-usb adaptor worked in both. As far as I am
concerned, the one that didn't work in all of them is bad, it's not
reliable(in a portable sense).

If netgear won't give you a refund, you could try asking for a
different model of netgear router.

You could try changing the cable(telephone cable going from wall to
router). Maybe the packet is getting corrupted there.

It could be that the packet being sent is corrupt, and is getting
accepted, by other routers you tried, and your OS. You could check
the checksum yourself, looking at it with a packet sniffer like
ethereal. Maybe the packet sniffer will check it. I don't know the
calculation offhand.

One thing you could try is changing the MTU. It's a setting that
might be related to the IP Header. Try 1500, maybe another value,
just to test. I searched for ping 1500, You could
tryhttp://www.opus1.com/www/ping.html That should ping your machine
with different sized packets - you specify the size. It'd be
interesting if some get through and not others. Put ethereal on
your machine and watch. Hopefully your router doesn't block pings
/ allows you to tell it to allow them)

Those are really wild suggestions though, stabs in the dark. I'm
sure others can do better.

Another suggestion could be to try doing what you are doing
locally. So just using the switch aspect of your "home router", see
if that works or not.
It looks like you've already tried from different source comps. You
could try a different ISP (in uk some dialup ISPs are free to sign
up and are PAYG , and they'd go through a different router). It
could be your ISP's router that is playing up a bit.

gtg!

--- Hide quoted text -

- Show quoted text -

Yeah that could be. Here is an interesting tidbit from the Netgear
FVS124G log.

MON JUL 30 19:42:53 2007 time="2007-07-30 19:42:46 Mon " proto=6- tcp
packet - Source:=64.12.161.185 - Destination:=74.229.74.163 -
[Checksum mismatch, dropping packet Src 2801 Dst 5190 from WAN n/w]

MON JUL 30 19:44:44 2007 time="2007-07-30 19:44:23 Mon " proto=6- tcp
packet - Source:=207.69.235.28 - Destination:=74.229.74.163 -
[Checksum mismatch, dropping packet Src 21 Dst 1422 from WAN n/w]

It looks like the FTP and AOL are experiencing checksum mismatches.
What I don't understand is I gave this to Netgear Escalation Support
in CA, and they have not given me any answer on it. They did give me
a new BETA firmware, but it didnt work. I have in the meantime also
treid 3 different DSL modems, and nothing has changed. Who in the
world would be the right folks to contact regarding the checksum? I
guess it could be my line, but it could also be a Firmware bug no?

thanks!
Donnie

you said you tried the netgear with a cable modem, in your friend's
house. and it worked

But in your house, your tried it with dsl modems and it didn't work.
Whereas a linksys worked with those modems. It could be that your
netgear router has a problem with DSL modems.

That would be my suspicion thus far.

i.e. this may not be some conflict between isp and router involving
packets.

Try the netgear with a DSL modem, at the house of a friend that has
DSL! There's a good change it won't work!

Another variable is ISP. If your friend has a different ISP, and it
screws up, then it really points to it being netgear's issue with DSL
modems.

your computer isn't a variable because the problem sort of occurs
before reaching it.

Most people using DSL, have a router/modem unit. Not 2 separate units.
They may get 2 separate units though, if they need better features from
the router. Though actually, I have not yet seen a plain dsl modem,
they all seem to use NAT and be a router. Maybe USB ones are but I
doubt it. I had a westell which the retailer thought was a plain modem,
but turned out it had NAT and DHCP, and no doubt I suppose did routing.
You can prob use your Westell and take the netgear router out the
picture - though the Westell would prob only have primitive router
features compared to the separate router unit. Or use your linksys
router. Or if all your DSL friends had the same ISP, you could change
the ISP variable by changing ISP !! This was a silly paragraph from
me, but the paragraphs above are ok!

If the new firmware doesn't work, that's one less thing they can ask
you to do before offering a replacement or refund of some sort. But if
you do your own diagnosis, it may mean you find the problem to the
extent that for example, maybe you want them to send a different model
or something. Maybe you'd want them to do that anyway!

I can describe something in theory that'd help diagnose it. Set up a
linux router with a packet sniffer and check the CRC. Whether it is a
mismatch and other routers are accepting it. Problem could be at ISP
Router. Or whether it isn't a mismatch, and this netgear router is
screwing up - with DSL modems.

Here's an easier test.. Use your linksys router, then connect your
netgear into that one. See if your netgear rejects packets for CRC
reasons.. If it does, then you can actually check the CRC, with a
packet sniffer like ethereal. From any windows machine connected to
the linksys instead of the netgear.


--
.