Wednesday, April 4, 2012

How to access your home Webserver via Internet behind router

This guide will show you how to forward ports on the Linksys Cable/DSL Router.  The screen shots you will see are from the older firmware (1.2x) of the router.  Newer firmwares for the router include the ability to forward ranges of ports, not just single port numbers.

http://www.youtube.com/watch?v=pIK-RpVNAM8


The router information says that you cannot have port forwarding enabled if you have DHCP enabled on the router.  This is NOT correct.  You CAN have both port forwarding AND DHCP active if you take the proper precautions.  You need to create a network that is half static, and half dynamic.  

You must assign your server machine a static LAN IP address. 

 The rest of your computers on your network can have dynamic LAN IP addresses assigned from the Linksys router.  

You must make sure that the range of IP numbers that the Linksys router assigns does not include the static IP address you gave your server.  

For example, if you gave your server the IP number 192.168.1.20, then you can tell your Linksys router to assign IPs from the range 192.168.1.100 to 192.168.1.200.  Basically, you don't want the static IP of your server to be included in the range of IPs your router will be handing out to the rest of your computers.  This holds true for any home router.
Let's play!


To log onto your Linksys router, type "192.168.1.1" into your web browser.
 


You'll see the following prompt asking for the username and password.
 


This is the first page you'll see when you log onto your Linksys router.
 


Click on the orange tab labeled "Advanced".

 

Click on the orange tab labeled "Forwarding".

 


In the gray box is the list of ports that are commonly used by servers.

In our example here, we will forward port 80 (for HTTP) and port 25 (for SMTP mail).  Why no FTP port?  First of all, the fewer ports open, the more secure your home network is from the Internet.  

Second of all, I'm assuming you'll be doing your FTP'ing from home on the LAN, so this port forwarding won't matter.  You'll still be able to FTP from inside your LAN network, just not from the WAN (Internet).

But since it's your own network, you're free to open whichever ports you like!

The computer (server) we want to forward the port to in our example has the IP number of "192.168.1.20".
This is what it looks like when it's done:
 


Click on "Apply" at the bottom of the screen and you're done!


The changes take place immediately and you should be able to access your webserver by typing in the IP number of your DSL or Cable Modem (WAN IP number).

 
Note: You can also access your server from the internal IP number (LAN), but this does not test if your port forwarding is working correctly or not.
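
A quick sanity check of the address plan and forwarding rules described above, as an added example that is not part of the original guide. It uses the guide's addresses and ports; the function name `check_plan` and the /24 netmask are assumptions made for illustration.

```python
import ipaddress

def check_plan(lan, router, pool_start, pool_end, server, forwards):
    """Return problems found in a half-static, half-dynamic LAN plan.
    forwards: list of (wan_port, lan_ip, lan_port) tuples."""
    net = ipaddress.ip_network(lan)
    router_ip = ipaddress.ip_address(router)
    lo, hi = ipaddress.ip_address(pool_start), ipaddress.ip_address(pool_end)
    srv = ipaddress.ip_address(server)
    problems = []
    if lo > hi:
        problems.append("DHCP pool start is above pool end")
    for name, ip in (("router", router_ip), ("pool start", lo),
                     ("pool end", hi), ("server", srv)):
        if ip not in net:
            problems.append(f"{name} {ip} is outside {net}")
    if srv in (net.network_address, net.broadcast_address, router_ip):
        problems.append(f"server {srv} is not a usable host address")
    # The static address must never be handed out by the router's DHCP.
    if lo <= srv <= hi:
        problems.append(f"server {srv} is inside the DHCP pool {lo}-{hi}")
    seen = set()
    for wan_port, lan_ip, lan_port in forwards:
        target = ipaddress.ip_address(lan_ip)
        if not (1 <= wan_port <= 65535 and 1 <= lan_port <= 65535):
            problems.append(f"forward {wan_port}: invalid port number")
        if wan_port in seen:
            problems.append(f"WAN port {wan_port} is forwarded twice")
        seen.add(wan_port)
        # A forward aimed at a leased address exposes whichever device
        # holds that lease next, not necessarily the server.
        if lo <= target <= hi:
            problems.append(f"forward {wan_port} targets DHCP address {target}")
        elif target != srv:
            problems.append(f"forward {wan_port} targets {target}, not {srv}")
    return problems

# Addresses and ports from the guide; the /24 netmask is an assumption.
GUIDE = check_plan("192.168.1.0/24", "192.168.1.1", "192.168.1.100",
                   "192.168.1.200", "192.168.1.20",
                   [(80, "192.168.1.20", 80), (25, "192.168.1.20", 25)])
# Constructed bad plan: the server sits inside the DHCP pool.
BAD = check_plan("192.168.1.0/24", "192.168.1.1", "192.168.1.100",
                 "192.168.1.200", "192.168.1.150", [(80, "192.168.1.150", 80)])

if __name__ == "__main__":
    for label, result in (("guide", GUIDE), ("bad", BAD)):
        print(label, result or "OK")
```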



Hint:

Here is how I made it work:

First point: You DON'T NEED to change the port Apache is listening on at all! Many solutions suggest changing the port, but it is NOT necessary.

I have Apache listening at port 80 normally under TWO routers (the modem router and the wireless router)

You must:


1- Configure all routers and modems (some modems have an internal router, such as DLINK) to receive some UNUSUAL PORTS such as '8081' to '8082' AND redirect those requests to the IP where your Apache server is running, at port 80. AVOID 8080; use 8081 or higher.

2- Put the hosts (both networks) in the DMZ (host at "DEMILITARIZED ZONE", in other words, out of policies)

There are 2 networks in my case: 10.1.1.1 (modem) and 192.168.1.1 (wireless router)

Ex:
Suppose a modem router whose network is 10.1.1.1 and the Apache PC is at IP 10.1.1.5:
You must configure NAT - Virtual Servers by accessing 10.1.1.1 / NAT / Virtual Servers:

PortStart   PortEnd   Type   Dest IP     Dest PORT
8081        8082      TCP    10.1.1.5    80

DMZ Host: 10.1.1.5 <- the ip used by the APACHE PC network.
To get it, run ipconfig at cmd prompt.

For the secondary router (wireless) whose network is 192.168.1.1:
DMZ Host: 192.168.1.10 <- ip of the PC running Apache in the wireless router subnet.

To preview the site, DO NOT USE YOUR HOME WIRELESS nor A COMPUTER CONNECTED TO YOUR HOME INTERNET NETWORK, because all you will see will be the MODEM ROUTER PAGE!!! You must access your site from OUTSIDE the home network (ex: use your mobile GSM internet, NEVER wi-fi!!!)

The scheme to access the site, so, let's suppose the current internet IP is 199.123.4.75:

http://199.123.4.75:8081 OR

http://199.123.4.75:8081/mywebsite

http://199.123.4.75:8082 OR

http://199.123.4.75:8082/mywebsite

REMEMBER, I got Apache running and STILL listening at port 80!!!

The ones doing the magic are the ROUTERS, especially the first (modem), which redirects the ports via
NAT - VIRTUAL SERVERS. DMZ is also essential. For both router configurations.
