DSM-G600, DNS-3xx and NSA-220 Hack Forum

So the network layout is this : cable modem <-> (router) Di524 <-> laptops, desktop, Xbox DNS 323 , etc. ?

DNS 323 has to have static internal IP (which is true in your case) from DHCP(router). port 20, 21 have to be forwarded to the local IP for DNS 323. Make shure that domain name is really mapped to your IP address. Just tracert your domain name it should show your WAN IP.

If you could post the screenshots of your setup - especially in the place where you are saying that

allowed ports 20 & 21 externally to access the dns internally

and

LAN settings: gateway is router IP, dns 1 is ISP DNS, dns 2 is router IP

I think the dns2 should be blank, the phrase

allowed ports 20 & 21 externally to access the dns internally

is not clear to me.

here are the screenshots of the firewall rules/virtual server entries on the di-524 as requested.
fwiw I have removed the DNS2 entry from the lan settings in the DNS323, will check tomorrow then from work if that does anything.

kymlp wrote:

I haven't yet managed to get ftp remotely working either, but I can get to the ftp server - I just don't seem to get past the password authentication. Anyway, first things first:

1. Have you successfully been able to login to your router from the internet? This will prove that you can get to it OK. (Set the "remote access" to enabled and see if you can get that far.)

2. Your firewall rules look OK - but I'm not expert. Just an observation - I would never open port 21 on the WAN side to the internet ... way too many hits on that port that can create security issues. Set your external port to something like 8821 on the WAN side, natting to port 21 on the LAN side. Then you ftp xxx.yyy.zzz.vvv:8821 to get to the alternate port.

Good observation in point 2 Never thought about that .... On one side it sometimes creates inconvinience - you would have to explicitly put the port for connection and some users are not comfortable with that but who cares... ?

audifreakje
I went to the Dlink page and found emulator for the DI 524... It gives me some idea what are the settings for your router... I got Linksys so the settings are different. Anyway, there are couple thoughts that I came uo with :

1) Check with your ISP if they have port 21 & 20 open .... Some of the providers as procaution, close most of the frequently used ports except 80.... For example, Telus (Canada) has port 25 closed for SMTP. Shaw(Canada) has closed couple of ports on some of their nodes such as 6881(used mostly for torrent) and 20/21... If this is the case use point 2 from kymlp.

2)In you router there is a button called "Applications" (in Advanced tab). Add ports for DNS 323 FTP server to that page too.

3)Check if you are able to get to the router managment page from Internet ( use instructions from kymlp.) After that type following in Command line:
telnet your host name or wan IP address 21(or any other port you set up your FTP on) and hit Enter

it should come up with something like : 220 Data FTP server(Version wu-2.3.2) ....etc.

That means that you reached FTP server from the Internet.....

How do you do this
"Set your external port to something like 8821 on the WAN side, natting to port 21 on the LAN side. Then you ftp xxx.yyy.zzz.vvv:8821 to get to the alternate port."

specifically the 'natting to port 21 on the lan side'

I did some networking and indeed it seems that my ISP blocks all incoming traffic below ports 1024 coming from other ISPs.
So I will choose another incoming port to do the ftp exercise

audifreakje:
i'm guessing you are from Belgium and have Telenet as ISP, because it's exactly the same problem i am having. i already tried putting the ftp port on the dns above 1024, set the non-standard ftp port in the router at the same (high) port and forwarded the port to the dns. Didn't work and i'm guessing it never will with this ISP.
Ftp'ing externally did work when i was on the Telenet network...