Relay Connection Solved

I figured I would post my experiences getting this connected - In the end the fix made sense.  Let me preface this by saying I have been an IT architect for the better part of the last decade, and this is the most frustrating device I have ever come into contact with.

Out of the box, set up was easy.  Local access was fine and I could access when connected to a different wifi.  Being the engineer, I could not leave well enough alone, so I installed the mobile app and then the problems began.  LIke most mobile ISPs Sprint blocks 443 essentially rendering the default secure port useless.  I figured, “no big deal”  just change the listening port and forward in my Firewall right? in comes the Port forwarding failed relay connected message"  Configured over and over again to ad nauseam to no avail.  after testing via telnet to ensure what ports were open and listening, i came to the conclusion that no matter how you configured the manual remote ports the NAS would always just listen on 80 and 443 respectively.  So here is my setup-

  • Cloud ports set to manual on NAS 9080 and 9443 respectively

  • router - upnp enabled, remote ports 9080 and 9443 forwarded to internal IP (NAS) 80 and 443

-Static IP set on NAS and reservation set in router

Bingo, relay disappeared and port forwarding successful.  External test both on the sprint network and via telnet validate.  The interesting part of all of this is that the NAS doesn;t actually listen on 9080 and 9443 it just will accept the forwards coming from the router on only those two ports.  

Hope this helps someone - say thank you if it does

5 Likes

nicely done… it all makes sense afterwards.

I used the same solution for: Somebody was trying to access my Mac via port 5900 with Authentication FAILED screensharingd. My solution was to route port 5900 to an unused internal IP and port 9999 and set my remote Mac software port to use a different incoming port that maps it back to 5900 internally. 

You got a kudos from me for a great solution

1 Like

This was very helpful after pulling my hair out several times this was exactly what I needed - I had read elsewhere a how to but it did not mention to go 9443 to 443 and 9080 to 80

This solved everythings thanks!

Your post was funny because being a computer guy myself, every time you brought up a barrier, my mind immediately came up with the “fix” and literally that was always the next thing you’d say, haha. Seems we always immediately came to the same conclusions to bypass it all.

That’s really bizarre about it listening on 9080 and 9443. But didn’t you say that in the drive you set the listening ports to be exactly those? So that is no mystery why they’d accept connections on those odd ports.

No, wait. I had it backwards. The connections were coming in on 9000’s but the NAS was listening on 80/443 still regardless.

So I say that the traffic comes in over their network and your host as 9000’s, hits the port forwarding in the router… I don’t know how to put this non confusingly but basically the reason for the ports accepting connections on ports they’re not listening on is due to uPnP’s dynamic port mapping from the LAN side out… It established the last link to map those odd ports to the incoming data, even seemingly on the wrong port.

Btw that’s stupid. Blocking 80/443. Ok. Somebody might try and run a web server on their network. But this is a prime example where their proactive network lockdown prevents legit use devices/software from working.

I can understand blocking SMTP cause people would be scanning the ISP’s whole subnet (I say that as if it doesn’t happen 24/7 regardless, lol) and finding people running servers with open relays/noob security. Then using them to do the infamous dastardly spam jobs. And I can get port 21/FTP incoming. Don’t want any 0-day top sites running off of their generous 3mbps upstream allotment…

Sometimes they act like they’re giving you an OC-384 connection to just have your way and push terabytes a day out.

In reality, save the inherent legal and unique nature of spamming, there’s only so much you’re gonna ruin them running a web/FTP site off of some meager few Mbps upstream connection. “Well if everyone did it” yeah we’ll everyone doesn’t and wouldn’t. So, weak argument, there.

Then you had them blocking torrent ports. Then the contra quickly just tunnels the traffic dynamically. Then that leads to traffic/bandwidth shaping.

I see pretty soon the next step is blocking port 80/443 outbound. Lol.

I dunno if you saw the recent statistics but netflix was the real scourge, weighing in at some 30%+ of total bandwidth usage. By contrast, the runner up was YouTube at about a mere 12% or so? Torrents, Facebook, http and the other expected candidates filled out the remaining top slots.

And that’s the way it’s going and it’s gonna stay. The real issue is gonna be when HD streaming media REALLY blows up to the apex of its utility. We’re just getting started.

Streaming 1080p… and then what, when 4k goes standard and audio gives way to the final frontier and we abandon lossy audio for lossless.

But the beauty of that all is it’s self governing.

Meaning? You have two things constantly improving— codecs/compression algorithms that can store “x” times the amount of video at the same quality level or the opposite, you can store “x” times the quality using the same amount of space/bandwidth. Kind of a moore’s law derivative.

Compression tech steadily improves so we actually need LESS bandwidth to accomplish the same thing… while network tech is constantly increasing our throughput/overall basal bandwidth.

So you would end up having more bandwidth available, while also not needing that available excess.

In a perfect model. But we want 8,096k resolution with 64 channels of lossless audio and then some.

Bandwidth lust.

If it’s available for consumption, we will find a way to consume it all. Human nature 101.

But anyways. The point was it will reach an eventual state of diminishing returns on the content… You can only get so far in quality that it’s indistinguishable to the senses like ABX testing. You’re not gonna get to a higher resolution than reality. Or will we? What’s the resolution of reality?! Mind foookkk. Not really. The likely answer to that is the bandwidth / data / resolution of reality is invariably going to be greater than our senses ability to perceive such detail. It’s like watching a bluray on a 480p tv. The source detail is immaterial when the equipment decoding/presenting that information cannot faithfully reproduce it.

In simplest terms: human perception is lossy. Reality/nature… who knows the amount of detail that our very senses cannot process.

Sound being an easy example. Humans can hear frequencies from ~20Hz to ~20,000Hz, at best. Does that mean that’s the natural frequency range of sound? To us, I guess it is. Or it’s all that really matters. But even just knowing dogs can hear at least up to 40,000Hz or more is plenty enough evidence of that whole concept. That we are lossy decoders, decoding a lossless signal (or more so than we can tell).

We dither reality.

I really shouldn’t have taken that much mescaline before getting on a forum about hard drives, lol!! How I got from port 443 to theoretical existentialism — that’s off the beaten path just a little tiny bit. Lesson learned.

Well. I both addressed your info and also brought you to premature enlightenment as an aside. You’re welcome?? Lol. Sorry, mate!!

problem is no one reads the manuals these days.

Way too much caffiene haha.  So the weird thing with the ports is that although you set them in the config- they are not actually listening.  Your device will listen on 80 and 443 regardless of what you enter in.  It will turn down connections that are forwarded from any other ports than those that you configure.  UPNP does not come into play because I disabled it to have more control over the routing.  All forwarding, in this case, is done solely at the router.  The router gets the request at  9080 and 9443 and thn forwards - should be seemless to the NAS right?  Wrong! haha. The whole situation iscreated by the ISP blocking any unsolicated connections over 80 and 443 to my public IP. Nas appears to tear down the packet and ensure that it is originally sourced from the allowed ports.  I proved this out using telnet both to the router and the NAS

The issue I’m experiencing is port forwarding is working when i’m on my home network using VLC to access and stream my music and movies. The problem is when I’m on my cellular network VLC cannot access the My Cloud? What is the server address that I’m supposed to input in VLC to connect? I don’t use the My Cloud app on my phone because it doesen’t support MKV playback.

Thanks

This is a few moths old but it certainly hasn’t been rectified by WD to make it easy for users.

I’m not an IT architect but I’m not a complete numb nut either but I am tearing my hair out trying to sort this out.

I’m using a Telstra Netgear C6300BD.

I’ve tried 1000 permutations and I can’t get it to work.

           - Cloud ports set to manual on NAS 9080 and 9443 respectively

This is no problem. Using the UI I have set the Remote Access to Manual and set the ports as 9080 and 9443.

           - router - upnp enabled,

Further down the post, you say that it is DISabled. I’ve tried both but because I’ve got other uPnP devices, Ive left it ON.

            - Static IP set on NAS and reservation set in router.

No problem - Easily setup -

On Router - 192.168.0.X reserved in LAN setup.

On WD UI - Set to Static in (Settings > Network). All settings input - IP (192.168.0.X - WD), Subnet Mask, Gateway (192.168.0.1), DNS1, DNS 2

            - remote ports 9080 and 9443 forwarded to internal IP (NAS) 80 and 443

This is wherei am having trouble.

I have forwarded 9080 and 9443 to 192.168.0.X.

This doesn’t work.

How do I forward 9080/9443 to 80/443 ?

This router also has Port triggering. Is this what I use ?

Can this be done using the interface provided ?

Any clarification greatly appreciated.

Thanks

Using the router UI:

  • forward external port 9080 to port 80 of the IP address of your NAS,

  • same for 9443/443

Using the NAS UI, remote access configuration

  • choose manual configuration

  • declare that port 9080 is mapped to port 80 of the NAS

  • same for 9443/443 of the NAS

Reboot the NAS

Thanks for the speedy reply.

This is exactly where I am falling down.

The only thing I can do with the NAS UI is manually specify Port 9080 and 9443 for cloud access. There is no option to map ports… or am I missing something ?

Cloud Access Connection Options

Configure connection options for remote access to your device.

Connectivity

  Manually configure your router to work with your device.

External Port 1 (HTTP) * 9080

External Port 2 (HTTPS) * 9443

Then in my router, I have forwarded port 9080 and 9443 to the internal, Static IP address of the NAS. I can’t find any options to map these ports to port 80/443. It won’t let me type 192.168.0.14:80 or anythuing like that, if that’s what I need to do.

Active Forwarding Rules

Name Start Port End Port Protocol Local IP Address Actions
WDMyCloud 9080 9080 TCP 192.168.0.14 EditDelete
WDMyCloud2 9443 9443 TCP 192.168.0.14 EditDelete

I have also tried a rule in Port Triggering where I forward 9080/9443 to 80/443.

Port Triggering List

Trigger Range Target Range    
Start Port End Port Start Port End Port Protocol Enable Actions
9443 9443 443 443 TCP YES EditDelete
9080 9080 80 80 TCP YES EditDelete

This didn’t work either, so it’s back to just the basic settingsat the top.

I’m tearing my hair out with this **bleep** thing.

Thanks

Name Start Port End Port Protocol Local IP Address Actions
WDMyCloud 9080 9080 TCP 192.168.0.14 EditDelete
WDMyCloud2 9443 9443 TCP 192.168.0.14 EditDelete

This table doesn’t say which port of the local IP address you forward the range to. Can you post a screenshot?

That’s it really ! The table is a direct text copy of what is on screen.

As I said, the UI of the modem does not let me input any port after the IP address. I can only put Name, Start Port, End Port, Protocol, and Local IP (in 4 boxes with “.” between).

I was thinking I should be able to input 192.168.0.14:80 as the destination but I cannot find a way to do it.

Is this what you mean or something else?

One thing I did notice when playing around with this - I put the NAS Cloud Access in auto mode and everything started working perfectly. I looked at the uPnP data and both int port and ext port were on 80. A couple of hours later the ext port had changed to 9113 and it wasn’t working. What makes the change ? It all should be a lot easier than this.

Thanks again for your time.

I checked out a user manual for Netgear… Is it possible there is an option you left unchecked where you can specify a specific port for the itnernal device side?

This is a Telstra branded Netgear router with a Telstra made and branded interface. I’m starting to think that Telstra may have left some functionality off their interface.

Yes, there is a piece missing here.

One option for for you, is you would forward port 80, and 443 to the NAS. Several ISPs block port 80, though, and maybe port 443 is already reserved by your router. Worth a try though.

Another option for you is to forget port forwarding, turn on UPnP on the router and put the NAS UI on “auto”. That worked well with my NAS>

1 Like

I have held off on posting as it has been stable over the past few days.

What was originally happening with uPnP was that it would work for a while, then would stop and go to relay mode.

When I checked the uPnP portmap table, the ext port is changed from 80 to 9114 or similar.

I have escalated this with Telstra to find why the functionality is missing from their UI.

Thanks again for your help with this.

Another option for you is to forget port forwarding, turn on UPnP on the router and put the NAS UI on “auto”. That worked well with my NAS>

…and yeah, I tried auto a few times but it was unstable too. Hence, looking to get the manual settings working.

DonR1220, 

Thanks for posting this. I don’t profess to understand why this works, just glad that it does and the relay connection is gone.

This solution did the trick for me and my Fritzbox 3990 router while using the v4. firmware series.

Unfortunately I had serious issues with my attached USB hdd and reverted to v3.230. I have to let the router control

everything and set Mycloud to full Auto or suffer a no access failure after my ISP resets at 3:00AM every morning. Auto seems capable only of resolving a relay connection which is better than nothing and at least reliable

WD seems to have dropped the ball on this product in respect to the FW support. Disapointing. Much.