Forwarding port 443 for WHS - conflict with connectToCiscoAP

Teacher

Forwarding port 443 for WHS - conflict with connectToCiscoAP

I previously had my WHS set up and working fine for remote web acces for use with my AT&T Uverse internet. However, I think the RG has recently had a software update or something, as it has lost all my settings. Now, when I try and set it up to open ports 433, 4125 and 80 for WHS, it comes up with the following error:

 

WHS Ports conflicts with connectToCiscoAP which is currently in use on Cisco_AP_ATT.

WHS Ports and connectToCiscoAP use the same resources and cannot both be hosted at the same time. To use WHS Ports, you must first remove connectToCiscoAP from the application list of Cisco_AP_ATT. Alternatively, you can install the applications on one computer and add both application profiles to the application list for that computer.

 

Any idea whether its safe to remove the "connectToCiscoAP" rule and allow my rule so that I can connet to my WHS from the web? Will it mess up my TV or wireless TV receiver or something? I don't recall having this issue last time I set it up, but may have forgotten!! Many thanks.

Message 1 of 37 (11,351 Views)
ACE - Expert

Re: Forwarding port 443 for WHS - conflict with connectToCiscoAP


Computer-Joe wrote:

... If you get a router that has port translation, pretty much any brandname router, you can have your requests from the internet come in on the alternate port (4433) and the router will "translate" that external port request to the proper port (443) before forwarding the request to the WHS. This should be much simpler than mucking about with what is probably hard coded in the server kernal.

 

 


Won't the 2WIRE do port translation in the Port Forwarding rules?

 

 

*The views and opinions expressed on this forum are purely my own. Any product claim, statistic, quote, or other representation about a product or service should be verified with the manufacturer, provider, or party.
Message 31 of 37 (1,280 Views)

Re: Forwarding port 443 for WHS - conflict with connectToCiscoAP


JefferMC wrote:

 

Won't the 2WIRE do port translation in the Port Forwarding rules?

 

 


 

 

 

They didn't have port triggering or port forwarding back when I had one, but that was 4 years ago. It would be easy enough to find out if they've added it since then. Just go to the port forwarding page and see if they have an entry for both external and internal port numbers.

 

Somejoe would have the definative answer I bet.

 

 

 




__________________________________________________________
How can you be in two places at once, when your not anywhere at all?
------------------------------------------------------------------------------------------------------
I really want to become a procrastinator, but I keep putting it off.
------------------------------------------------------------------------------------------------------
There are three kinds of people, those that can count, and those that can't.
------------------------------------------------------------------------------------
“Our great democracies still tend to think that a stupid man is more likely to be honest than a clever man, and our politicians take advantage of this prejudice by pretending to be even more stupid than nature has made them." :Bertrand Russell

                              

Message 32 of 37 (1,269 Views)
Teacher

Re: Forwarding port 443 for WHS - conflict with connectToCiscoAP

Thanks for the info computer-Joe, I'll take a look into that. I do have a spare cable router lying around that might work, but is only 100MBPs, rather than Gbit, so not ideal.

I haven't been able to do much digging on the WHS 2011 changing the ports, but I'll take a look over the weekend. Thanks again.
Message 33 of 37 (1,260 Views)
Expert

Re: Forwarding port 443 for WHS - conflict with connectToCiscoAP

Yes, the 2Wire can do port translation, but I didn't suggest that as a solution because in this case, the WHS has links and functionality on the non-encrypted HTTP site (port 80) that refer to the secure site without specifying a port. This means that clicking on those links will fail, since the external web client will be trying to go to port 443, when it should go to 4433.

Only if the WHS is aware that the secure site is supposed to be running on 4433 (or another alternate port) will the links work correctly.

Furthermore, if you use port translation like this (not just for WHS, but for any service) then that means that the URL to get to the service is different depending on whether you're inside the network or outside the network. This screws up things like bookmarks, because they'll only work from the side of the network they were created from.

Message 34 of 37 (1,254 Views)

Re: Forwarding port 443 for WHS - conflict with connectToCiscoAP


SomeJoe7777 wrote:
Yes, the 2Wire can do port translation, but I didn't suggest that as a solution because in this case, the WHS has links and functionality on the non-encrypted HTTP site (port 80) that refer to the secure site without specifying a port. This means that clicking on those links will fail, since the external web client will be trying to go to port 443, when it should go to 4433.

Only if the WHS is aware that the secure site is supposed to be running on 4433 (or another alternate port) will the links work correctly.

Furthermore, if you use port translation like this (not just for WHS, but for any service) then that means that the URL to get to the service is different depending on whether you're inside the network or outside the network. This screws up things like bookmarks, because they'll only work from the side of the network they were created from.



So, if the OP is just looking for personal remote access to their server/shares (as opposed to putting up a public server/site) they can create an external book mark that points directly to the the secure port and just bypass the unsecure port? Besides, one extra bookmark (one for internal access and one for external access) aint gonna break the bank.

 

If there's no public website, the most you should get by going to the unsecure port should be a link to the secure login page, and maybe not even that if the OP has the certificates set up to deny any other external access other than the OP's computer(s).

 

 

 




__________________________________________________________
How can you be in two places at once, when your not anywhere at all?
------------------------------------------------------------------------------------------------------
I really want to become a procrastinator, but I keep putting it off.
------------------------------------------------------------------------------------------------------
There are three kinds of people, those that can count, and those that can't.
------------------------------------------------------------------------------------
“Our great democracies still tend to think that a stupid man is more likely to be honest than a clever man, and our politicians take advantage of this prejudice by pretending to be even more stupid than nature has made them." :Bertrand Russell

                              

Message 35 of 37 (1,243 Views)

Re: Forwarding port 443 for WHS - conflict with connectToCiscoAP

[ Edited ]

cocksy wrote:
Thanks for the info computer-Joe, I'll take a look into that. I do have a spare cable router lying around that might work, but is only 100MBPs, rather than Gbit, so not ideal.

I haven't been able to do much digging on the WHS 2011 changing the ports, but I'll take a look over the weekend. Thanks again.

 

 

The 2WIRE is only 100Mbps as well. If you're already using a Gigabit switch downstream from the 2WIRE just move it so it's downstream from your own router instead.

 

Although I've given you some alternative solutions (not necessarily perfect solutions), my opinion is that the cheapest and cleanest solution is to go buy some CAT5/6 and hard wire your wireless STB and ditch the WAP, or a little more expensive, go with power-line ethernet adapters if you absolutely can not run CAT5/6 to the wireless STB.

 

 


__________________________________________________________
How can you be in two places at once, when your not anywhere at all?
------------------------------------------------------------------------------------------------------
I really want to become a procrastinator, but I keep putting it off.
------------------------------------------------------------------------------------------------------
There are three kinds of people, those that can count, and those that can't.
------------------------------------------------------------------------------------
“Our great democracies still tend to think that a stupid man is more likely to be honest than a clever man, and our politicians take advantage of this prejudice by pretending to be even more stupid than nature has made them." :Bertrand Russell

                              

Message 36 of 37 (1,242 Views)
Highlighted
Expert

Re: Forwarding port 443 for WHS - conflict with connectToCiscoAP

CJ is correct, you can run port translation if you're OK with logging into the secure site directly (assuming WHS allows that without issue, which I'm not sure of). And if you're OK with possible bookmarking oddities.

And yes, the alternate solutions are also viable, including hard-wiring the STB using Ethernet or powerline adapters and getting rid of the STB wireless access point.
Message 37 of 37 (1,227 Views)
Share this topic
Announcements

Welcome to the AT&T Community Forums!!! Stop by the Community How-To section for tips on how to get started.