No-ip DUC

Hello, I don’t have a router and my ports are open… but somehow the No-IP DUC seems to not redirect to my host (IP)… I’m wondering if it’s COMODO blocking it.

I tried to add port rules, 81 for example, to the rules, but it’s not working.

If I could get a direction on what I need to do to fully allow No-IP DUC and the redirect domain to my host (IP), it would be great, thanks in advance!

Stop using RATs and you will be happy.

Actually I’m trying to open port 7171 for my MySQL server, but it isn’t working either.

Oh sorry, I was thinking you were using it for a backdoor…
I can’t help you with firewall rules; Ronny or brucine are good for that.

Hope that they see this then… 88)

Quote
“Hello, I don’t have a router and my ports are open…”

My first thought is: when you are using a firewall, why are your ports open? You say it as if it’s the most normal thing. If you want to be safe, make sure that your ports are at least closed, or better, stealthed.

A first test, to see if Comodo is the problem with the program you want to use, could be to enable the Windows firewall and then disable the Comodo firewall (don’t forget to re-enable it later).

In general, your program should have a manual entry about the needed network permissions (ports, IP, etc.). When it doesn’t work with the Windows firewall either, then it’s usually necessary to make specific exceptions. Do you know these specifications?

I already got Windows firewall OFF.
No, I don’t know these specifications.
And about my ports being open, well, maybe it’s because I fixed too much in the ports area in COMODO firewall.

I want the following ports open: 7171, 81, 8080 and 7272.

If someone could lead me in the direction where I take off my “ports open for the whole world” and put in those that are necessary, that would be great.

Using the Windows firewall was THE test :wink:

Try to use the Comodo firewall stealth port wizard, setting 3 (hide me from everyone). Then make the port test again. Are they closed now?

If you use a program for remote access, READ ITS MANUAL, because it is a possibly dangerous procedure! You should know what you are doing.
And editing firewall rules blindly is a bad idea. Make exceptions as specific as possible. And when you know these exceptions, you can easily add them to Comodo’s rule set. But we first need to know what is needed.

Again: at first, let’s try to close your ports!

Alright, yes it worked.

The ports are closed now?
Good.

Now you should gather the information that is needed to use the remote program safely!
If no one is answering about OPENING ports (I avoid it), I would give you an example of a very specific case. If you know which port is needed, I’ll show where and how. But all the decisions that you make with this knowledge are YOUR choice.
Opening ports and using remote access is a danger, and I don’t want to suggest much about it. I would just explain the principle.

I don’t get it… yes, every port is closed now, both TCP and UDP.
Now do I need to open all ports for the programs that I use?
Like uTorrent and such?

And still 7171, 81, 8080 and 7272?
Really, I don’t understand.

The first step is to read the manual of the program that you want to use for remote access. In this manual they will tell you what is needed to run it (with a firewall).

When we know what is needed, we will find a way to set the needed rules (as specific as possible).

As you ran the stealth port wizard, your ports are closed again (that is good). I don’t know what you changed before. But you said the port tests are showing your ports to be closed now. As you made some changes “into the blue”, maybe you made something wrong/insecure, but that I can’t see from “here”.

When we know the needed settings (the manual tells them), “general, but very specific” exceptions will be made in global rules.
Then a rule needs to be made in application rules for the program, so it will “accept” this incoming traffic.

It is easy to set the rules. The only difficult part is making it as safe as possible.

Have a bit of patience. Don’t hurry in questions of security.

If memory serves (I don’t use it anymore), No-IP DUC uses port 7245 by default, and of course connexions must be allowed to and from the No-IP server.

If you are running several machines on a LAN, it should also be redirected through the computer ensuring the connexion (ICS?) to the proper LAN computer (e.g. 192.168.0.3).

Whatever the connexion situation might be (and to be described if the problem persists), No-IP DUC needs to run as a resident service and the firewall configuration needs to be set to custom, maximum alert frequency in order for the firewall to write proper rules if needed.

I remind you that it is not possible to test No-IP DUC connectivity inside your own LAN and/or same ISP connexion: you either need to have 2 different connexions at home (e.g. a laptop with another wireless account) or a friend to test.

@brucine

As you seem to know that program, it’s your turn here now :wink:

Nevermind lol :slight_smile:

A few observations:

  1. My memory goes bad: No-IP DUCS default port is not 7245, but 8245.

  2. If we want to understand what goes on, we should know what hardware ensures the internet connexion, if not a router, and if one or several computers are connected as a LAN to this device.

  3. And also what programs you intend to run. (Concerning uTorrent or, more generally speaking, whatever p2p software, I am the dumbest guy on earth, but the needed ports and authorizations are well documented in this same forum.)
    Note that stealthing ports from CIS is a nasty idea if you are running a p2p client as, by definition, your guest does not know your IP and domain name before connecting, and needs to “see” your computer. (Use the second choice, alerts per IP and port.)
    If you want to secure such a connexion, No-IP is not relevant, and you should better use a VPN client (call it Hamachi or whatever you like, but I am not sure that CIS likes 5.x Hamachi virtual IPs).

  4. Thus, the only reason for wanting a No-IP redirection is being provided a dynamic IP by your ISP, and needing someone to connect to your computer without first needing to phone or mail your current IP to the said person: as such, my No-IP experience is limited to running an FTP and HTTP server (the former is easier) and to remote desktop with various software (VNC, Radmin…) at a time when, running then Windows 2000, Microsoft did not provide such a built-in facility.

  5. No-IP mail support has always been very courteous, but just as inefficient, probably due to the conjunction of you running free software and of No-IP support sending you standard answers; they are not in front of your computer(s).
    I don’t believe that most ISPs nowadays forbid connexions to ports 80 and 21, but if so, change your ISP, and it is anyhow very easy to check, as we shall see next, even if you don’t read your ISP documentation or ask them anything.

  6. Not speaking of a manual, it is not true to state that No-IP does not provide comprehensive help; please see the No-IP.com Knowledge Base and Customer Support Center, where you shall find not only standard configuration tutorials for most usual situations, but also tools to test the previous “ISP theory”: http://www.canyouseeme.org/

  7. This being said, and in order to make a No-IP connexion work, you need:
    - Of course to acquire a domain name at No-IP, let’s call it toto.myftp.org
    - To run No-IP DUCS as a service if you want to be able to be connected without your intervention
    - To define your computer not with a DHCP lease, but with a fixed LAN IP: let’s call it 192.168.0.1
    - In such a situation, No-IP must redirect to this LAN IP (and NOT the WAN one): for larger chances of success, you need to rewrite your HOSTS file accordingly, e.g.:

192.168.0.1 toto.myftp.org

It might be useful to copy this original HOSTS under X:\WINDOWS\system32\drivers\etc to
X:\WINDOWS\system32 (remember that these files are system and hidden).
Moreover, if some internet connection sharing device exists and if it has a NAT ability, you must:

- Redirect all concerned connexions to the local concerned computer.
The most powerful function, if available, is DMZ (DeMilitarizedZone): force it to redirect everything to 192.168.0.1.
If not available, or if you want to keep some interactive applications on other LAN computers, the next one is the Virtual Server function (might, as DMZ and depending upon the device, have other names).
In the example of an FTP server, passive mode, you would have the following rules:

| Global Port | Local IP | Local Port | Protocol |
|---|---|---|---|
| 8245 | 192.168.0.1 | 8245 | TCP |
| 21 | 192.168.0.1 | 21 | TCP |
| 20 | 192.168.0.1 | 20 | TCP |

These rules are the same on the firewall side, but shall need some other writings (svchost, browser…): in order to avoid the pain of writing them manually, you should therefore set the firewall to custom, maximal alert level in order for the firewall to automatically ask for these rules; it is better, in this last regard, to disable both the Sandbox and the Trusted Vendors.

In order to test your No-IP connectivity before CIS rules are written, you should of course start to test the No-IP redirection with the firewall temporarily disabled, and next to write these rules after you are sure that the connexion itself works.
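
The thread separates open, closed and stealthed ports and asks that only the needed ports answer. The following script is an added example, not code from any poster, No-IP or Comodo: it probes the ports named in the thread on your own machine and reports where the result differs from what you intended. The function names, the `127.0.0.1` target and the `wanted` set are assumptions chosen for illustration.

```python
import socket

# Ports named in the thread (the poster's four plus the forwarding table).
THREAD_PORTS = [20, 21, 81, 7171, 7272, 8080, 8245]


def probe(host, port, timeout=2.0):
    """Classify one TCP port the way online port tests report it.

    open      - handshake completed: a service listens and the firewall allows it
    closed    - connection refused: host answers, nothing accepts on that port
    stealthed - no reply before the timeout: packets are silently dropped
    """
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except ConnectionRefusedError:
        return "closed"
    except socket.timeout:
        return "stealthed"
    except OSError:
        return "unreachable"  # no route, network down, and similar errors
    finally:
        sock.close()


def audit(host, wanted, candidates=THREAD_PORTS, timeout=2.0):
    """Probe candidates plus wanted ports and report deviations from intent."""
    wanted = set(wanted)
    states = {p: probe(host, p, timeout) for p in sorted(wanted | set(candidates))}
    return {
        "states": states,
        "unexpected_open": [p for p, s in states.items() if s == "open" and p not in wanted],
        "wanted_not_open": [p for p in sorted(wanted) if states[p] != "open"],
    }


if __name__ == "__main__":
    # Assumption for this run: only the MySQL port from the thread is meant to answer.
    report = audit("127.0.0.1", wanted={7171})
    for port, state in report["states"].items():
        print(f"{port:>5}/tcp  {state}")
    print("open but not wanted:", report["unexpected_open"])
    print("wanted but not open:", report["wanted_not_open"])
```

Run against `127.0.0.1`, a wanted port that shows "closed" means the service itself is not listening, so no firewall rule will make it reachable. The view from outside still has to be taken from a different connection, as noted in the thread.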