I've pulled my hair out for four hours trying to figure out what's wrong here. I have checked every setting on every configuration page for both routers looking for an issue, and everything is set up correctly. All internal subnet connections work and the external port tests work, but the connection still refuses when attempting externally. If anyone has any advice for what I might be missing, please tell me!
(I am posting from work, so I believe I have the models right, I will need to double-check this evening. Apologies in advance if the information is insufficient.)
The setup:
Two computers running RealVNC servers on a Linksys router. The router is connected to a D-Link router/modem, which then connects to my DSL provider. (Again, these models might not be exact--I'll double check tonight and clarify the models I'm using.)
The Linksys router creates a 192.168.2.X subnet. The Linksys router has an internal IP of 192.168.2.1. The computers have static IP addresses of 192.168.2.10 and 192.168.2.11. The Linksys router has an external IP of 192.168.1.2.
The D-Link router/modem creates a 192.168.1.X subnet. The D-Link router/modem has an internal IP of 192.168.1.1. The router/modem has an external dynamic IP in the range of 184.7.X.X. I have also configured a freedns.afraid.org to route a static address to the dynamic address...for now, I'm keeping it manually updated, but will set up an auto-update later.
Forwarding and DMZ:
The .2.10 computer accepts RealVNC on 5910 and .2.11 accepts RealVNC on 5911. The Linksys router is configured to port forward all incoming 5910 connections to .2.10 on port 5910, and all incoming 5911 connections to .2.11 on port 5911.
For the D-Link, I have tried two configurations: I have port forwarded 5910 and 5911 connections to .1.2 (which is the Linksys' external on the D-Link's subnet), and have also tried to set .1.2 as the DMZ on the D-Link's subnet. Both are having the same issue described below.
The Things That Work:
- Direct IP RealVNC connections within the Linksys .2.X subnet work. I can directly connect to 192.168.2.10:5910 and 192.168.2.11:5911 with RealVNC.
- Direct IP RealVNC connections to the Linksys router's external IP work and forward ports correctly. I can connect to 192.168.1.2:5910 and 192.168.1.2:5911 and they correctly connect to the appropriate computers.
- Web-based port checkers verify that my external dynamic IP address have the 5910 and 5911 ports open when I have the D-Link exposing the Linksys in both DMZ mode and port forwarding mode.
- If I set one of the computers' RealVNC servers back to the default 5900 port and move the port forwarding around to match, RealVNC's website has a port checker that hits 5900...and it not only sees an open port, but recieves the version information of my VNC server, indicating that my RealVNC is responding.
The Issue:
When I try to connect RealVNC to either of the computers externally (either directly connecting to the current dynamic IP like "184.7.123.45:5910" or through the redirect like "mysubdomain.us.to:5910"), the connection is refused, even when all of the previously listed tests pass just fine.
Viewers Used:
I have duplicated all of the results with (1) a viewer on my main computer, the .2.10, (2) a viewer on an iPad on the Linksys .2.X subnet, (3) a viewer on a laptop on the .2.X subnet and the .1.X subnet. I have also attempted external connections using a laptop and an iPad running on a mobile phone hotspot so as to be completely separated from my home network when attempting external connections.
Another thing I tried:
I pulled out an old DSL modem with no router and wired my .2.10 computer directly to it. I checked the modem'ssettings to make sure it had no firewalls set up and was sending all internet traffic directly to my computer. I temporarily disabled all firewalls on my computer, making sure that it was a completely open machine on the internet.
Again: internal IP connection from the computer to itself (viewer on the computer to it's own IP address to hit its own server) works fine. External connections to the public IP show an open port, but the connection is refused.
So...
I am baffled am frustrated. What am I missing? Is there some other explanation for why this wouldn't work? Thanks in advance for any assistance you can provide.
(I am posting from work, so I believe I have the models right, I will need to double-check this evening. Apologies in advance if the information is insufficient.)
The setup:
Two computers running RealVNC servers on a Linksys router. The router is connected to a D-Link router/modem, which then connects to my DSL provider. (Again, these models might not be exact--I'll double check tonight and clarify the models I'm using.)
The Linksys router creates a 192.168.2.X subnet. The Linksys router has an internal IP of 192.168.2.1. The computers have static IP addresses of 192.168.2.10 and 192.168.2.11. The Linksys router has an external IP of 192.168.1.2.
The D-Link router/modem creates a 192.168.1.X subnet. The D-Link router/modem has an internal IP of 192.168.1.1. The router/modem has an external dynamic IP in the range of 184.7.X.X. I have also configured a freedns.afraid.org to route a static address to the dynamic address...for now, I'm keeping it manually updated, but will set up an auto-update later.
Forwarding and DMZ:
The .2.10 computer accepts RealVNC on 5910 and .2.11 accepts RealVNC on 5911. The Linksys router is configured to port forward all incoming 5910 connections to .2.10 on port 5910, and all incoming 5911 connections to .2.11 on port 5911.
For the D-Link, I have tried two configurations: I have port forwarded 5910 and 5911 connections to .1.2 (which is the Linksys' external on the D-Link's subnet), and have also tried to set .1.2 as the DMZ on the D-Link's subnet. Both are having the same issue described below.
The Things That Work:
- Direct IP RealVNC connections within the Linksys .2.X subnet work. I can directly connect to 192.168.2.10:5910 and 192.168.2.11:5911 with RealVNC.
- Direct IP RealVNC connections to the Linksys router's external IP work and forward ports correctly. I can connect to 192.168.1.2:5910 and 192.168.1.2:5911 and they correctly connect to the appropriate computers.
- Web-based port checkers verify that my external dynamic IP address have the 5910 and 5911 ports open when I have the D-Link exposing the Linksys in both DMZ mode and port forwarding mode.
- If I set one of the computers' RealVNC servers back to the default 5900 port and move the port forwarding around to match, RealVNC's website has a port checker that hits 5900...and it not only sees an open port, but recieves the version information of my VNC server, indicating that my RealVNC is responding.
The Issue:
When I try to connect RealVNC to either of the computers externally (either directly connecting to the current dynamic IP like "184.7.123.45:5910" or through the redirect like "mysubdomain.us.to:5910"), the connection is refused, even when all of the previously listed tests pass just fine.
Viewers Used:
I have duplicated all of the results with (1) a viewer on my main computer, the .2.10, (2) a viewer on an iPad on the Linksys .2.X subnet, (3) a viewer on a laptop on the .2.X subnet and the .1.X subnet. I have also attempted external connections using a laptop and an iPad running on a mobile phone hotspot so as to be completely separated from my home network when attempting external connections.
Another thing I tried:
I pulled out an old DSL modem with no router and wired my .2.10 computer directly to it. I checked the modem'ssettings to make sure it had no firewalls set up and was sending all internet traffic directly to my computer. I temporarily disabled all firewalls on my computer, making sure that it was a completely open machine on the internet.
Again: internal IP connection from the computer to itself (viewer on the computer to it's own IP address to hit its own server) works fine. External connections to the public IP show an open port, but the connection is refused.
So...
I am baffled am frustrated. What am I missing? Is there some other explanation for why this wouldn't work? Thanks in advance for any assistance you can provide.