I have no static NAT rules

You have clarified that you have no static NAT. How about dynamic NAT? How is that configured?

I am wondering about the ports that you describe as open or closed. What ports are these? Typically when someone talks about opening ports this is done by configuring static NAT, But you don't have static NAT. So what are we talking about?

Another possibility to explore might be whether there are any access lists/access rules that might be referencing the outside address. Are there access rules in your config? If so how are they set up?

The only other NAT I see is enabled for WAN but no other settings so assume it's the dynamic one.

The ports I'm referring are the 'service ports' in Cisco parlance, that are used in port forwarding. Ports like 443, 465, 993, 21, 22, 80

and others.

There are two ACL's which seem to be defaults. I can't edit or delete them.  One allows all traffic from source VLAN to destination WAN. The other denies traffic from source WAN to destination VLAN. I thought that last one looked odd so I added one before that to allow rather than deny and no change (I assume a lower priority value means higher priority in application). 

Right now the ports magically opened again. Until they close again, there's not much testing I can do.

Thanks

I'm not sure how to post the configuration. Topology is simple. Wan plugs into the WAN port, other things plug into the LAN ports. All the settings are pretty much default. I'm still having trouble with the ports closing. The ISP swears it's not them but I'm not so sure. If when I changed IP address (from one that didn't have the problem from the same ISP) the WAN address was the only change, it seems to point to the ISP. But then when I happens sometimes I make a settings change, they magically open for a while.

Hello,

what country are you in, and who is your ISP ?

One thing you could try, to make sure it is not your router actually doing this, is a factory reset.

https://www.cisco.com/c/dam/en/us/td/docs/routers/csbr/RV160/Quick_Start_Guide/EN/RV160_qsg_en.pdf

I am still not clear about the ports that sometimes are not open. You have identified some service ports. How are you determining whether the port is open or closed?

When you are experiencing the problem and the ports are closed, do other things work?

You mention several times about port forwarding. In my experience port forwarding is generally done with static NAT. But you tell us there is no static NAT in your configuration. Perhaps you can help me understand what port forwarding you are talking about?

I check if the port is open on site dnschecker.org using the port checker tool. If the ports are closed they are all closed.

The in port forwarding, you specify a range in incoming ports that are used outside the WAN (usually a single port), an internal port that the incoming connection is routed to and an internal LAN IP address. For example. I forward port 465 for smtp mail on the WAN to port 465 on the IP address on the LAN side that handle the incoming email. When someone sends me email, it winds up at WANIP:465 and the router forwards that to LANIP:465 to handle the email.

The static NAT in this routers specifies a starting public IP, a starting private IP, number of addresses and a service port. I'm not sure what I'd use for the public IP - my WAN? Thanks

Thanks for the additional information. The way that you describe the port forwarding seems to be the way that I would describe static NAT. Could you share details from the config of how this is being done?