 Search the Knowledgebase |
 Browse by Category |
|
|
|
|
|
| How can I do a port forwarding with an AirLink modem? |
|
Article Details
Last Updated
30th of May, 2011
|
| User Opinions (3 votes) |
100%
0%
|
|
Thank you for rating this answer.
|
A port is a communications endpoint used by Transport Layer protocols of the IP protocol suite, such as TCP protocol and UDP protocol. In other words, a port is an opening through which data can flow. When a program is sending data through the port, the port is considered blocked-no other program can use that port.
A port is identified by the port number, the IP address it is associated with, and the protocol used for communication. Port Forwarding (sometimes referred to as port mapping) is the act of forwarding a network port from one network node to another. This technique can allow an external user to reach a port on a private IP address (inside a LAN) from the outside via a NAT-enabled router. [Definitions are partially quoted from Wikipedia and portforward.com].
In our scenario we have a Raven X with 5 hosts behind a switch. PC 101 has IP 192.168.1.101, PC102 has IP 192.168.1.102, and so on.
We want to run Secure Shell [ssh-port 22], telnet [port23], and we want to access a Web Server on port 80, as well as SNMP on port 161.
In the Raven X series of modems we will configure the modem using the internal ACEmanager, which is accessed at http://192.168.13.31:9191 by default. The password is 12345. Prior to configuring the port forwarding we want to go the LAN tab, selectAddressing and configure Private IP (see the picture below). We will use 192.168.1.101as our private IP as this will be the first device attached to the host. Our modem IP will become 192.168.1.1. The subnet mask will be 255.255.255.0.
Note: Once we change the Raven's IP address, we will need to access the modem via ACEmanager using http://192.168.1.1:9191 (IP address 192.168.1.1 and port 9191).
Next we go to LAN > Global DNS and enable updates as well as putting in 4.2.2.1 and4.2.2.2 as alternate DNS's.
Our next step will be to do the port forwarding which is done on the Security tab. Port forwarding may be done across a serial PPP, Ethernet, USB NDIS connection. ACEmanager allows either single ports or port ranges to be specified.
On the screenshot above the first item is DMZ. This is the IP to which all ports that are not defined in the rules below will go. The default interface is to use what is connected. This can also be specified as a serial PPP, Ethernet, USB NDIS connection.
The next setting is the number of Port Forwarding entries (Security > Port Forwarding).
To add an additional row, click Add More. To delete a row, click X in the front of any row.
Number of PF Entries must match the number of entries rows. Note that there a maximum of 250 entries. Also, it is not recommended that you use ports below 1024, as those have been specially designated for certain applications.
In our example (first row on the image above) we are forwarding port 1025 to a single private port 23 on IP 192.168.101. Note the start and end public ports are the same, which means a single public port 1025.
For the second set of entries (second row) there is a range of 200 public and private ports.
Public Port start: 1100; Public Port end: 1300; Private port (start): 0; Private port end :200 (end port# is not listed but implied).
Packets coming on public port 1100 will be forwarded to private port 0, but packets coming in on public port 1101 will be forwarded to private port 1. Therefore packets coming on public port 1122 will be forwarded to private port 22 (0 + 22, where 0 is starting private port). Data coming in on public port 1180 will be forwarded to private port80 internally. So, the Data coming on public port 1181 will be forwarded to private port81.
The same rule applies to the rest of our entries on the picture above.
The entry #3 (public ports 2000 to 2200).
All data from public ports 2000 to 2200 are forwarded to private ports range 0 to 200.
So, public port 2022 would be forwarded to the private port 22. Public port 2023 would be forwarded to private port 23, and so forth.
The last range (8000-9000) was chosen deliberately wide, in case you had a multitude of applications, but you would probably never need that many.
If you specify a range, the modem will use the number range specified and increment from the private port.
Another example, not shown in the image above.
Public Port start: 4500; Public Port end: 4525; Private port (start): 45; Private port (end, not listed but implied): 70.
Private port end calculation: 4525- 4500=25; 25 +45=70
Packets coming on public port 4500 will be forwarded to private port 45, but packets coming in on public port 4501 will be forwarded to private port 46 ( 45+1). Therefore packets coming on public port 4525 will be forwarded to private port 70 (45 + 25, where 45 is starting private port).
When you have finished all entries, click Apply.
Notes:
All hosts except for the first one must be statically assigned.
The LAN > Addressing > Modem IP will be your gateway IP on all hosts.
Subnet masks will be 255.255.255.0 in almost all cases, same as on the LAN Addressing page.
|
| Related Articles |
|
No related articles were found.
|
| Attachments |
|
No attachments were found.
|
Loading... Please wait...
The article has been updated successfully.
