OpenWrt Forum Archive

Topic: Redirect (on WNDR3700v2) issue

The content of this topic has been archived on 8 Apr 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Hi All,

I'm a brand new OpenWRT user. 

Just upgraded my old faithful WRT54GS to a Netgear WNDR3700v2.

Having previously only used Tomato or DD-WRT.

I've been trying, unsuccessfully, to configure redirect (AKA port forwarding) under both Backfire & Attitude Adjustment.

I do a pure vanilla install of either, only changing the default IP to 192.168.0.1

I set up one rule to redirect WAN TCP-UDP port 5002 to host 192.168.0.10 port 3389. No dice.
I then try to enable WAN SSH access using another 5000's range port. Also no dice.

I've triple checked everything, reset everything back to default, restored to factory Netgear firmware & reloaded OpenWRT again.

All with no luck.

If I use Gargoyle 1.5.8, port forwarding works fine.

I'm planning to do much more than what Gargoyle offers out-of-box, so I'd really much rather get my OpenWRT working.

I assume the solution will be a huge DUH! ... but after working the issue for two nights straight, I'm throwing in the towel, and looking for help here.

By "no dice", I mean from the WAN side (via my Android phone, or LTE iPad) I cannot connect to the internal LAN target.

Basically, I'm trying to use Remote Desktop outside my firewall, pointed at my dyndns_hostname:redirected_port_number (e.g. hostname.dyndns.org:5002)

Also tried to SSH in, after I enabled WAN SSH & chose a port. Using PuTTY, dyndns & my custom port number, PuTTY immediately returns "unavailable".

Flash Gargoyle, set up port forwarding (with same info), works successfully.

You still didn't specify which rules you configured exactly, also what do you mean by "enable wan ssh and choose a port"? You configured a 2nd dropbear instance and opened a port for it? If yes, how exactly?

I'm currently running Gargoyle, so I don't have the exact steps memorized, but basically created a new "redirected" rule. From WAN, any IP, both tcp&udp, port 5002, to internal LAN IP 192.168.0.10 port 3389.

Regarding SSH, I recall a checkbox to allow WAN access, with an option to choose the desired WAN SSH port. I clicked the check box, and chose port 4292.

I did "apply & save" after both above.

The reason I am asking is because there are three port fields when declaring a redirect, src port, intended destination port and destination port. If you fill out the source port with 5002 it will not work, as this refers to the local port of the requesting remote machine, not the public forwarded one.

About the wan access checkbox, it does not do what you think it does. If you choose "wan" there it means that dropbear will only listen on the wan interface (you cannot ssh from lan anymore) and the port is changed from 22 to whatever you specified. That is really just the ssh server configuration, it will *not* create a firewall rule to actually allow this port on wan.
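
The two points in the reply above, as an added example that is not part of the thread: a Python check over constructed firewall and dropbear config text that flags a redirect keyed on the client's source port and a WAN-bound dropbear with no matching accept rule. The UCI option names (`src_port`, `src_dport`, dropbear `Port` and `Interface`) are the standard OpenWrt ones, assumed here to correspond to the form fields the reply describes; the function names are hypothetical, the sample values reuse the thread's ports, and only single-port values are handled.

```python
import shlex
# Constructed /etc/config/firewall and /etc/config/dropbear text (not from the thread).
FIREWALL = """
config redirect
    option name 'rdp'
    option src 'wan'
    option proto 'tcpudp'
    option src_port '5002'          # matches the remote client's own source port
    option dest_ip '192.168.0.10'
    option dest_port '3389'
"""
# The fix is the option name: src_dport is the public port on the router's WAN side.
FIXED = FIREWALL.replace("src_port", "src_dport")
DROPBEAR = """
config dropbear
    option Port '4292'
    option Interface 'wan'
"""
# Input rule that actually opens the dropbear port on wan.
SSH_RULE = """
config rule
    option src 'wan'
    option proto 'tcp'
    option dest_port '4292'
    option target 'ACCEPT'
"""

def parse_uci(text):
    """Return [(section_type, {option: value})] from UCI-style config text."""
    sections = []
    for line in text.splitlines():
        words = shlex.split(line, comments=True)
        if words[:1] == ["config"] and len(words) >= 2:
            sections.append((words[1], {}))
        elif words[:1] == ["option"] and len(words) >= 3 and sections:
            sections[-1][1][words[1]] = words[2]
    return sections

def audit(firewall, dropbear):
    """List the two misconfigurations described in the reply, if present."""
    fw, found = parse_uci(firewall), []
    for kind, o in fw:
        if kind == "redirect" and "src_port" in o and "src_dport" not in o:
            found.append(f"redirect {o.get('name')}: src_port set, src_dport missing")
    opened = {o.get("dest_port") for k, o in fw if k == "rule" and "dest" not in o
              and o.get("src") == "wan" and o.get("target") == "ACCEPT"}
    for kind, o in parse_uci(dropbear):
        if kind == "dropbear" and o.get("Interface") == "wan" and o.get("Port", "22") not in opened:
            found.append(f"dropbear port {o.get('Port', '22')}: no wan ACCEPT rule")
    return found
```

`audit(FIREWALL, DROPBEAR)` reports both problems, while `audit(FIXED + SSH_RULE, DROPBEAR)` returns an empty list.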

The discussion might have continued from here.