Hello Georg,

I thank you for your suggestion, but, unfortunately, it raises more questions than it answers:

First, what is the connection between protocol binding, and my original request -

Once I log in to the router, where, and how, do I assign a specific forwarded port to a particular static IP address?

and next, after reading the manual's information about protocol binding on page 57, I was unable to find any such checkbox when I logged in to the router. So, I searched the help file, and it pointed me to the Dual WAN page. But, no comment about protocol binding appears on that page, so I remain confused.

Sincere thanks for any further help,

Lothar

Hello Lothar,

sorry for the misunderstanding. 

Are there any entries in the port forwarding table (page 35, step 1) ? 

Hi again,

There is one entry in the Port Forwarding table. It says 

Thanks for your help,

Lothar

Hello Lothar,

so all ports are forwarded for only this one IP address. What ports do you want to have forwarded from which IP addresses ?

Hi again,

Let's assume that I want IP address 192.168.77.### to forward to port 1234.

How would I do that?

Many thanks, as before,

Lothar

Lothar,

to be sure I understand what you are trying to accomplish: do you need (in IOS):

ip nat inside source static tcp 1234 192.168.77.124 212.23.24.2 1234

Hi Georg,

Here's the question I am trying to have answered:

Once I log in to the router, where, and how, do I assign a specific forwarded port to a particular static IP address?

but, I am happy to provide more detail:

You asked if I had any entries in the port forwarding table. Of course, the answer to that question could be something like "yes" or "no" but trying to avoid confusing matters, I posted the table as it now appears.

You looked at the table and described it by saying:

"so all ports are forwarded for only this one IP address. What ports do you want to have forwarded from which IP addresses ?"

I responded "Let's assume that I want IP address 192.168.77.### to forward to port 1234." because it seemed unlikely that the method to be used to associate
"a specific forwarded port to a particular static IP address?" would depend upon the digits in the ip address or the port.

Next, you wrote:

"to be sure I understand what you are trying to accomplish: do you need (in IOS):

ip nat inside source static tcp 1234 192.168.77.124 212.23.24.2 1234" so, it would appear that I did not communicate clearly with my example.

You wrote: "static tcp 1234 192.168.77.124 212.23.24.2 1234" That long string may be perfect. But with my very limited understanding, that appears to represent two ip addresses surrounded with "1234." I also don't know if your use of the service is to indicate that I should be choosing TCP when I enter something in the forwarding table. 

I don't recall including any mention of IOS, so will leave that aside for now.

Here is more information that may help:

I use RealVNC to connect my phone to my office computers.

Each office to which we connect has an assigned static IP address.

So that RealVNC can get to each system, it connects to an externally (WAN) visible forwarded router port. Each static IP address apparently needs two WAN ports associated with it, one for "listening" and one for "responding" to connections over the WAN from my phone.

When I am on my phone, and look at the address RealVNC is trying to reach it is formatted as something like this 198.231.77.154::6732. where "198.231.77.154" is the the router's WAN ip address, and "6732" is the WAN visible port that the router has associated with the static ip address of the system I am trying to reach.

I have no understanding whatever of the notion of Services means in this context, so I don't know what to choose, or generate, with regard to services when I try to modify the forwarding table. Also, to get the forwarding I need, I don't know if I should be choosing one of the many available choices, modifying one, or adding one, or more, to the list.

As before, please accept my thanks,

Lothar

Lothar,

what you need is called Port Address Translation. 'Service' in that context is simply the name of the protocol, such as DNS, FTP, HTTP, and so on.

I have tried to find a link with screenshots, below is I think pretty concise. RealVNC probably doesn't show up in the default drop down list of services, so you will need to add it first (this is described in the second half of the attached document, Service Management --> Add Service).

https://sbkb.cisco.com/CiscoSB/GetArticle.aspx?docid=5b8b8dbc749d4c5ea96b680002e087f3_Configure_Port_Address_Translation__PAT__on_RV320_Router.xml&pid=2&converted=0

Hi Georg,

You have suggested I can do what I need using Port Address Translation, and I read the doc you link with care.

I modified the PAT Table so it now looks like this:

You also wrote 'Service' in that context is simply the name of the protocol, such as DNS, FTP, HTTP, and so on.

But telling me that "Service" is essentially another name for "protocol" tells me nothing about what service, or protocol, I should be using.

In the table I included above I chose TCP because I had some vague memory that this was the setting I used back when I had success with Port Forwarding prior to my router resetting itself.

In the Port Address Translation table I entered ports 5308-5309 because those are the ports used by RealVNC for this connection. And finally, next, I entered the static IP of the computer on our LAN that to which I hope to connect with my phone.

Do those setting appear to be correct based upon my description?

I ask because moments ago, my phone was successful in connecting to the system, but now, when I try to connect, I see an error on the phone that says "The computer's IP address could not be contacted."

I have made two changes:

I changed the static IP address of the internal machine to one that was not in the DHCP pool, and I made the entry to the Port Address Translation Table as just above. One of those would seem to have broken my only successful connection.

And finally, might you tell me what information I provided in my last post that caused you to suggest the use of Port Address Translation process? I ask because before my router reset, I had been able to connect to all our systems from my phone and never before had I used (or even noticed) the concept of Port Address Translation.

Sincere thanks for your assistance,

Lothar

Lothar,

your settings are correct.

Port Address Translation is typically used when you have only one public IP address and multiple LAN addresses. You are essentially mapping all those addresses to one single public IP address.

Reading through your original post, what happened prior to the router going back to factory defaults ? It might be a good idea to actually manually reset the router to factory defaults, and also make sure the firmware is up to date.

Hi Georg,

You wrote:

"your settings are correct."

But now, with those correct settings, I cannot contact any of our office systems from my phone. Earlier today, before modifying the Port Address Translation table, I was able to connect my phone to one of the systems on our LAN.

You wrote:

"Port Address Translation is typically used when you have only one public IP address and multiple LAN addresses. You are essentially mapping all those addresses to one single public IP address."

But again, I am confused. I do have multiple systems on our LAN, and would like to be able to reach about 4 of those systems with my phone using RealVNC. If, as you say, using PAT, I would be "mapping all those addresses to one single public IP address" how would my phone be able to reach a single system?

You wrote:

"Reading through your original post, what happened prior to the router going back to factory defaults ? It might be a good idea to actually manually reset the router to factory defaults, and also make sure the firmware is up to date."

The first line of my original post said "I use an RV320 router, and for some reason it reset itself to factory defaults."

The phrase "some reason" was to convey that I had no understanding of what caused the reset. I had become aware of a variety of routing problems, logged in to the router, and saw that my long familiar settings were gone. With that, I tried to re-enter them, and as I had further difficulty, I posted here.

Of course, I will check to see that the firmware is up to date.

As before, many thanks for your efforts, but I will now remove the new PAT entry because things were functioning in a better way before I created it,

Lothar

Hello Lothar,

the PAT you added ONLY allows for RealVNC connectivity. Everything else you need you will have to add as well. I don't know what your previous configuration looked like.

That said, losing your entire configuration is a bit odd. Make sure your firmware is updated to the latest version. 

Also, if you are not using both WAN ports, make sure the one that is not in use is disabled...

Hello,

I have RealVNC working properly again...

Each system to be reached by RealVNC will require entries in the router settings.

Here are the two steps for others who might have the need:

1: log into RV320 router and in left panel choose DHCP, then IP & MAC binding. Then assign a static IP address to each system you wish to reach with RealVNC. It is best to assign addresses that are not part of the DHCP available pool of addresses. Then, set each of the systems to use those new static IP addresses.

2: Again in the left pane, choose Setup, then Forwarding. Once there, near the top, click on Service Management, and scroll to the bottom. Click Add. There, create one entry for each system you wish to reach with RealVNC. Mine look like this: Joe --- TCP --- 5318~5319. (Where those last numbers are the forwarded ports suggested by the RealVNC service on the machine called Joe.)

Above the Service Management button you just used, you will see the Port Range Forwarding Table. Each system to which you wish to connect will require its own entry. Click the Add button and a field will open starting with the words All Traffic. Click its down arrow, and scroll down to the first service you created just above. Enter that system's (static) IP address, and click the box on the right to Enable this entry. Repeat for each system to which you hope to connect.

I apologize in advance if I have neglected to include something, but hope that this is of use to others.

All the best,

Lothar