port forwarding troubleshooting

Thank you so much, Bob and everyone! I'll try to answer the remaining questions and summarize my remaining question, and I'll also provide some info on what I'm actually doing at the end:

Brand/Type of modem:

As I wrote earlier the model number is "DPQ3212 DOCSIS 3.0 2-PORT Voice Modem" but now that I got into the cabinet in the wall where Cox had hidden it, I see that the brand is Cisco. I'll attach a picture of the front and back of the modem. From Bob's helpful explanation it looks to me like a "simple modem" with only one ethernet port, but with 2 voice/telephone ports as well (because we get a landline service from Cox as well as internet). So thank you for confirming that given this, the correct setting for the Time Capsule is DHCP and NAT.

Status:

As I wrote before the Status does not appear on an AirPort Utility check and I don't see a Double NAT message.

So as I understand it after all this great help from you all:

• The ATC port forwarding settings I posted earlier should work as long as the IP listed in that window matches the IP of the machine that I'm using to "listen" on that port
• The fact that a port check website isn't showing the port I have opened to be open isn't very definitive and shouldn't worry me, so I should test what I'm trying to do (audio networking via UDP, more details below) and see if it works

But if the second point is true, then I'd also love to know which tools you recommend for checking ports more accurately, if there is a way? I have tried iperf in the past but am also wondering if it's possible to simply check with the port scan tab in Network Utility? I ran that and don't see any helpful message (see attached screenshot) - does that mean that those ports (I'm trying for 4464) are not open?

Here is more about what I'm doing in case that helps or you're interested:

I did have some trouble yesterday with the audio networking software so my best guess is that I have not solved this port problem (because it worked when I was a client but not a server), but I'm going to try again later today with someone. FYI, the software I'm using, both open source programs, are JACK audio server along with Jacktrip, a command line program for sending multichannel audio via UDP ports among machines running JACK. I have a lot of experience with this software/networking, but I've always done it on university networks where the process of opening the UDP ports is just by request to my sysadmin person, not something I have to manually configure. I'm eager to learn more now about the nuts and bolts of networking and really appreciate all this great help from you all, thank you all!

Thank you so much for the quick and helpful reply, Tesserax!

I now see that the IP 10.0.1.201 is not the one that is listed under Network settings for my laptop (connected to the ATC via an ethernet cable), which is 10.0.1.14. I will try it again, getting the IP to match the machine I need to listen to those ports on. However, a previous time I did this, I had noticed that IP field and did match it to the machine's IP, and I believe it didn't work that time either.

To answer your questions:

If so, is your base station the "main" Internet router for your network?

Yes.

That is, does it connect directly to a simple modem and not to another

router or gateway device?

Yes. I can access the modem via a browser but do not have privileges to login (it's from Cox).

Does your ISP provide you with a static or dynamic public IP address? That is an address that does not start with

either 192 or 172, or 10?

They do not provide a static IP so I assume it's dynamic/DHCP, if I understand the concept correctly. I do work at a university and in that context I can request static IPs for this work (audio networking) and open up the ports on those IPs, so I'm familiar with that process, but at home I do not have a static IP.

I will try re-doing the settings and matching the IP in that field to the local IP on my laptop, but if you see anything else I should try please let me know. Thank you!

Update: I made sure the Private IP field lists the same IP as my local IP on the machine that I am "listening" on, and still see this port blocked when I use the check feature at <https://www.portchecktool.com/>

Thanks!

Thanks. Here are the results:

traceroute to 8.8.8.8 (8.8.8.8), 64 hops max, 52 byte packets

1 10.0.1.1 (10.0.1.1) 1.850 ms 1.280 ms 1.259 ms

2 10.75.151.1 (10.75.151.1) 8.427 ms 8.777 ms 7.685 ms

3 ip68-4-12-140.oc.oc.cox.net (68.4.12.140) 10.468 ms 8.709 ms 9.081 ms

4 100.120.104.0 (100.120.104.0) 9.182 ms 28.457 ms 10.460 ms

5 langbprj01-ae1.rd.la.cox.net (68.1.1.13) 11.806 ms 11.395 ms 11.747 ms

6 72.14.196.240 (72.14.196.240) 11.832 ms

74.125.51.136 (74.125.51.136) 19.209 ms

72.14.242.92 (72.14.242.92) 12.786 ms

7 * * *

8 dns.google (8.8.8.8) 12.861 ms 14.069 ms 22.322 ms

Am I understanding correctly that the first 2 lines of those results mean that:

10.0.1.1 is my Apple Time Capsule

10.75.151.1 is my Cox modem/router (which I believe is a box they installed and do not allow me to access, and which I connect the ATC to through an active ethernet port on the wall)

When I spoke to Cox they told me they don't block the port I'm trying to open (4464).

If this is all correct, then -

Does this mean that I should enter 10.75.151.1 as the "Private IP" in the port forwarding settings? Or something else?

Thank you both for the help, I'm very grateful!

Thank you! I'm attaching a screenshot of what I see in that small window (No status listing)

When I login to the modem (somehow I found the IP by trying several online based on brand names I saw in the Cox support pages) it says this along the top:

DPQ3212 DOCSIS 3.0 2-PORT Voice Modem

I will also attach a screenshot of what I see there. I don't have the login.

I will try to locate the modem which I think is pretty hidden - they wired it into the house ethernet and activated a port on a wall which I plug the ATC into.

Sorry, I forgot to answer this:

"Is it possible that your Time Capsule was originally set up in Off

(Bridge Mode)......and you changed the Router Mode setting to DHCP and

NAT?"

I recall when I started that it was in DHCP and NAT, and I left it there because that was what I saw in several instructions I found online. I assume if I put it in Bridge mode, my ATC won't work as a router anymore, so the wifi network will no longer be active - is that correct?

Thanks!

Great, thank you! This helps: "I would take as a grain of salt what most port checkers tell you.. the only way to find out is actually run the application externally to see if you can get access." I will do some tests (it's for audio networking software) and report back.

Thanks, Bob! That is great to know about the DHCP Reservation. I'll test soon and also appreciate hearing your perspective that there isn't a reliable way to test if port mapping is truly working. That is really surprising to me but reassuring somehow (even if disappointing). Thanks.

Thank you Tesserax, Bob and everyone, this has been incredibly educational for me! My problem is now solved and I've learned a lot from these posts and also reading up online more about NAT. Here's a summary:

I think the reason it didn't work at first was that the IP that I'd set in the port forwarding didn't match the one on the machine I needed to use for the networking.

Once I fixed that (and added a DHCP reservation for the USBC-ethernet adapter I'm using, so it won't happen again), I got it to work.

The reason I know is that I'm using the audio networking software that I mentioned earlier, and was able to a computer in my university office that I can login to remotely (vnc, via connect to server). I login to it and can run the networking software there as well as on my local machine, and I was able to connect both ways, i.e. both as server and client. (My understanding is that if my UDP port at home is not open then I could only send audio to the other machine but not receive from it, but because I was able to establish successful connections both ways and route audio both ways, I know the UDP port at home is open.).

So thank you all for this great help! I really appreciate it.