Port Forwarding Issue

[wessubba]

Modem: AT&T Motorola NVG589
Router: WHR-300HP2D

I am trying to forward ports on my router, and I can't seem to get things to open ports I need.  Based on some info, I think I either have messed something up on the modem or the router.  What I want is to have the order of devices from outside world to computer to be:

• Modem in bridged mode
• Router
• Computer/server/whatever

This is complicated because AT&T does not allow you to enable bridging mode, it only allows "IP Passthrough" so they can still scour my data.  I would like to set up port forwarding by which I can ssh through an uncommon port.  My method has been this:

On Modem:
Set up IP Passthrough mode using a fixed DHCP.  Use the MAC from the Buffalo router as the destination DHCP.

On Router:
Restart.  Confirm internet access (meaning DHCP is assigned properly).  Go to port forwarding.  Forward an arbitrary port (66666) from the external IP to 192.168.11.120 port 22.

On SSH Server:
SSH enabled.  Listening to port 22.  IP tables allowing anyone to call that port and request entry.

On another computer for testing:
nmap -sV 192.168.11.120 -p 22   =  open port
nmap -sV [ext. IP] -p 22 = closed port
Just to check things, I did some more testing on ssh.
ssh user@192.168.11.120 = works
ssh user@192.168.11.120 -p 22 = also works
ssh user@[ext IP] = fails
ssh user@[ext IP] -p 22 = also fails, but it should
ssh user@[ext IP] -p 66666 = fails, and that is a problem

Somewhere along the way, the port is not being redirected properly.  I suspect it is the router, although I would not rule out some BS being done by the modem.  The reason I think it is the router, is that my traceroute does not appear to even touch the modem.

Suggestions on how to solve this?  Need more/specific tests?

[Texturtle]

It's difficult to test this from within the same network. You really need to have an external device to test. Try setting up a hotspot on your phone and trying from that network.

[wessubba]

It's difficult to test this from within the same network. You really need to have an external device to test. Try setting up a hotspot on your phone and trying from that network.

I have been using http://canyouseeme.org/ to test as well.

[Texturtle]

canyouseeme will test if a port is open, not if you have everything else configured correctly. If you try to reach the external IP for your network from a system connected to that network, it won't work.

[wessubba]

Well I'll be dipped.  Today I learned.  I tried it from work and it does just fine.  Of course, we also had a power outage last night that would have restarted everything too.  This makes determining the cause of the success difficult.  However, I am satisfied with the result. 

Consider this thread solved.