# dlink NAT/firewall problem



## acpo (Aug 31, 2003)

I have dlink gamerlounge DGL-4100

I want a way to disable the NAT & firewall completely. I want it to route traffic but not block any ports. a lot of my applications are broken. how do I do this?


----------



## TerryNet (Mar 23, 2005)

I didn't find a User Guide online, so maybe you'll have to read whatever one came with your router. That router claims to have greatly advanced technology, but I seriously doubt that it contains any technology to route traffic w/o using Network Address Translation. The simple way to disable NAT is just don't connect anything to the WAN port.


----------



## JohnWill (Oct 19, 2002)

NAT "is" how a router functions, if you disable NAT, you disabled the routing function. In order to support multiple IP addresses on a single public IP address, you need the NAT function.


----------



## acpo (Aug 31, 2003)

well, I've disabled the firewall but incoming ports are still being blocked and that's resulting in tons of stuff not working


----------



## JohnWill (Oct 19, 2002)

You need to use port forwarding for specific ports to specific machines to pass the requests through the NAT layer of the router. Rather than try to guess specifics of your router and your application, visit www.portforward.com, they have many tutorials on how to port forward for most router models.


----------



## acpo (Aug 31, 2003)

I've forwarded the ports but I'm still getting things blocked

I'm getting lots of these


```
[INFO] Wed Feb 04 02:21:02 2004 Blocked incoming TCP packet from 83.184.111.245:30087 to 69.129.203.171:4120 as PSH:ACK received but there is no active connection
[INFO] Wed Feb 04 02:20:20 2004 Blocked incoming TCP packet from 91.4.18.248:60275 to 69.129.203.171:4436 as SYN:ACK received but there is no active connection
[INFO] Wed Feb 04 02:20:15 2004 Blocked incoming TCP packet from 91.4.18.248:60270 to 69.129.203.171:4436 as SYN:ACK received but there is no active connection
[INFO] Wed Feb 04 02:20:12 2004 Blocked incoming TCP packet from 91.4.18.248:60262 to 69.129.203.171:4436 as SYN:ACK received but there is no active connection
[INFO] Wed Feb 04 02:20:09 2004 Previous message repeated 1 time
[INFO] Wed Feb 04 02:19:32 2004 Blocked incoming TCP packet from 84.25.114.239:61097 to 69.129.203.171:4352 as SYN:ACK received but there is no active connection
[INFO] Wed Feb 04 02:19:23 2004 Previous message repeated 2 times
[INFO] Wed Feb 04 02:16:58 2004 Blocked incoming TCP packet from 84.25.114.239:60684 to 69.129.203.171:4059 as SYN:ACK received but there is no active connection
[INFO] Wed Feb 04 02:16:49 2004 Previous message repeated 2 times
[INFO] Wed Feb 04 02:15:22 2004 Blocked incoming ICMP error message (ICMP type 3) from 81.179.119.219 to 69.129.203.171 as there is no UDP session active between 69.129.203.171:59122 and 192.168.1.2:49152
[INFO] Wed Feb 04 02:15:01 2004 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.0.10 to 72.27.37.207
[INFO] Wed Feb 04 02:15:01 2004 Blocked outgoing ICMP packet (ICMP type 3) from 192.168.0.10 to 85.219.142.7
```
I'm pretty sure it's thinking things are malicious that really aren't. you can set computers "out of the demilitarized zone" (their words), but even that doesn't help


----------

