Date: Sun, 7 Jul 2002 20:02:30 -0500 From: Tim <cyberlord@cyberlord.net.dhis.org> To: sroberts@dsl.pipex.com, FreeBSD-Questions <freebsd-questions@FreeBSD.ORG> Subject: Re: Webserver behind SMC Barricade SMC7401BRA DSL Router? Message-ID: <200207072002.30430.cyberlord@cyberlord.net.dhis.org> In-Reply-To: <1026080795.1461.8.camel@Demon.vickiandstacey.com> References: <1026080795.1461.8.camel@Demon.vickiandstacey.com>
index | next in thread | previous in thread | raw e-mail
On Sunday 07 July 2002 05:26 pm, Stacey Roberts wrote:
> Hi,
> I am having problems setting up a services (httpd, ftp) running on a
> server behind a SMC Barricade SMC7401BRA DSL Router at my home network.
>
> I have an ADSL service from my ISP with a dynamically assigned IP
> address. I however, have ddclient running, my own registered domain
> name, and have a dynamic DNS accout setup with ZoneEdit.com.
>
> ddclient is able to retrieve the dynamic IP address okay, but the IP
> address is bound to my router's outside interface., as such, typing the
> url of my site returns the login page of the router:-(
>
> Is anyone successfully running webservices from behind one of these DSL
> routers? Maybe you can provide me with gotchas that the manuals don't
> tell you. I *have* been to SMC's website (rather a repitition of the
> manual's faq), the only reference to my case is a faq on the possibility
> on running a webserver behind the barricade, to which the answer is
>
> :"Upgrade to the latest firmware."
>
> Unfortunately, the firmware listed on their website is the very one that
> ships with the router (go figure!).
>
> I'd appreciate *any* help with this from list members..,
>
> Thanks in advance.
>
> Stacey
As far as I know, you have to set up static IPs on at least the server
computers. Then from your router you forward the ports 80 and 21 to the
static IP of the server running the service.
If you have the server running on a dynamic IP (DHCP), how will the router
know what address to forward the incomming connection to?
If you can't port forward or set up static IPs then you can't except incomming
request for connections.
Also, I recommend blocking WAN access to your router. This is a security
issue. You don't want outsiders being able to re program your router. If you
NEED to do remote access you MUST have a strong password.
I recommend also, denying PING requests if you can with your router. This
will help reduce the number of script kiddies trying to get info about your
setup. If they don't get a ping request, they may just skip the port scan on
that IP.
I'm not sure how much this will help, but...
^ 192.168.1.2
R----Port 80--->[HTTPD]
<Internet>---o 192.168.1.3
u----Port 21--->[FTPD]
t
e
r
v
HTTPD and FTPD can be run from the same machine of course. :)
Hope this helped,
Tim
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207072002.30430.cyberlord>