ASUSTOR Community Forum

[dbdigital57]

I have set EZConnect and ports are open on router. The DDNS works as it goes to my local ISP address when I ping myname.myasustor.com

Get a Gateway Timeout to the proper IP address of my ISP connection - so DDNS translation is sound.

The Windows EZConnect app can't reach either.

Any ideas of what Router setting might be a problem? I've opened all I can think of even setting a DMZ to the IP for my AS1004T NAS to open up everything.

Same results!

[MikeG.6.5]

Manually open the ports for the apps you want remote access to. Don't mess with DMZ's or EZ-Connect. Reliability is just not there with either method. The only sure fire way is to do as the industry does, opening the ports to the outside.

[dbdigital57]

Thanks, so is the EZ-Router method on the Manual Connect not wise to use?

Which specific ports then do I open on router and type (TCP vs UDP)?

[orion]

Here is port list:
https://support.asustor.com/index.php?/Knowledgebase/Article/View/116/0/what-network-ports-are-used-by-asustor-services

[MikeG.6.5]

I've several posts in this forum about why manually forwarding ports is the preferred method to make sure you have remote access to your NAS services. But it all comes down to this: Most consumer grade routers and even a vast majority of the professional ones automatically close all uPnP ports when those ports are silent for some random period of time. This time frame it not configurable. The firmware is set up to do this to free up memory, which is a precious commodity on a router.

Because EZ-Router uses uPnP to open those ports, it's pretty easy to see why you lose connection. The router closes the ports, and then fails to reopen them when data is requested on the port. It's a pretty common failure point, and one I've written extensively about in various Plex Media Server threads, as well as other threads here.

Your NAS is, for all intents and purposes, a server. The only 100% reliable, repeatable and consistent method to ensure you have access to its services is to manually open the ports on the router for each of the services you want access to. All of the big network servers you see on the internet have had this done, which is why you can get to their services reliably.

Some ports are standardized. These ports are open to hacking and phishing attacks by would be hackers. One method to reduce the chances of hacking being successful is to use non-standard ports on the outside. For instance, FTP usually uses port 21. By opening up port 221 outside to port 21 inside, you can reduce the chances of hackers gaining access to your device. Some applications, such as Plex Media Server need to know the outside port, as well as the inside port. PMS uses 32400 normally, but in the settings pages, there is a place to put different port numbers. So, you would open say 48400 to go to 32400 inside and then tell PMS in the settings you are using 48400.

HTH

[Cheval]

This is the FIRST update that has COMPLETELY broken the UPNP functionality. Don't know what the CR#P they did to this functionality, but it has been working for years until the "official" release. Even the beta release worked just fine. Now for one example, try enabling the mail server functionality. An important port 25 never gets setup.

As far as I'm concerned, this "official" release is CR#P. Please backport to the beta!!!!!! 1000% better than this!!!!!

I understand you comments about setting this port forwarding up manually. I agree its probably much more reliable, but as far as "usability" its a lot hard to maintain.

[MikeG.6.5]

Manually forwarding ports is NOT hard at all. It takes a bit of reading and allows you to have an added layer of security that uPnP just doesn't provide.

Set it up once, be done with it. Change routers, copy the info down (screen shot) and put it into the new router. Can't get any easier than that. Even updating the router's firmware shouldn't be that difficult. My routers all keep the forwards on each update. (And I update on every new patch, unlike some people that don't bother with it until they lose some given type of functionality.)

uPnP is out right dangerous, and is a protocol suite I wish were banned. Relying on it opens your network up to all sorts of hacking/phishing attacks. If you don't care about protecting yourself and your data, keep using it.