# Port forwarding from behind a inaccessible router(unsolved)

## blacklisted

I am a university student , where we have a LAN connection , the university(ISP) uses NAT and firewall (also squid proxy).

 Some of the ports are blocked by the ISP(we can browse any site , but bittorrents are blocked) , also another prob is that cuz of NAT , all the hosts here have the same IP according to outside world . One of the  guyz had told me that it is possible to setup a transparent proxy on my own pc and use iptables to forward the ports , he had been using the same . 

But the prob is that he has passed college and i really am not able to figure out where to start . Can someone guide me whether there is a nice solution to the problem i m having , also is there some way that , my ip to outside world can be changed??Last edited by blacklisted on Thu Jun 08, 2006 9:50 pm; edited 2 times in total

----------

## nielchiano

the only possible solution I see is to dig a VPN tunnel to the outside of your college, e.g. to your home-computer; and set up NAT+port-forwarding there to forward traffic through that tunnel.

There is NO WAY you can do it with iptables alone, since your PC isn't accessible from the outside world

Oh, I should mention that you might be breaking you college's rules; so I suppose you checked that out and found out that it's ok; else I'm not allowed to help you...

----------

## blacklisted

ya i have checked on the rules and its certainly not a  problem for sure because there are some guyz who have managed to do it , either they wont let me know or they have passed out . But i certainly didnt get anything u said , VPN tunnel and the rest . What did u mean by home-computer , i mean are u talking about my hostel room pc or my original home pc ( i hope u meant hostel one ). One of the guyz i m sure used transparent proxy + iptables to forward ports .

----------

## nielchiano

 *blacklisted wrote:*   

> One of the guyz i m sure used transparent proxy + iptables to forward ports .

 

if you are NAT-ed, which you seem: *blacklisted wrote:*   

> another prob is that cuz of NAT , all the hosts here have the same IP according to outside world

 the only way you can get packets IN is because the NAT-router is configuered to do so.

So either you are assigned some fixed ports on the global IP, and you can use those; or the router uses dynamic ports, based on the outgoing traffic.

The first case is easy: find out what port(s) that is, and use it

The second one is impossible: there simply is no way you can accept an incomming connection in your hostel PC.

So the solution to that is: accept a connection on a computer you control OUTSIDE that NAT-ed network (i.e. outside college) and forward from there.

I might me missing something, but I don't see a possible way you could get an incomming connection with transparant proxy's and port forwards if the NAT-router isn't coorporating.

----------

## blacklisted

Thanks for ur replies mate but to be very honest , there are people who do this here and i know it for very sure it works out fine for them . I dont see how am i going to setup all that on home pc thats not feasible for me . Is there a way to know which ports are blocked by the router , i dont think the ISP will tell me that .

----------

## nielchiano

let me know once you find out... I'm interested to learn!

You could do a port-scan, but on a NAT-ed connection that will not always give the correct results. this site will do a scan on you current IP and show the results.

----------

## blacklisted

plz guyz some1 help

----------

