From owner-freebsd-questions Sun Jul 7 18: 2:49 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BB69E37B401 for ; Sun, 7 Jul 2002 18:02:45 -0700 (PDT) Received: from cyberlord.net.dhis.org (ip68-14-182-106.pn.at.cox.net [68.14.182.106]) by mx1.FreeBSD.org (Postfix) with ESMTP id DF91F43E31 for ; Sun, 7 Jul 2002 18:02:43 -0700 (PDT) (envelope-from root@cyberlord.net.dhis.org) Received: from cyberlord.net.dhis.org (localhost.cyberlord.net.dhis.org [127.0.0.1]) by cyberlord.net.dhis.org (8.12.3/8.12.3) with ESMTP id g6812c77026129; Sun, 7 Jul 2002 20:02:38 -0500 (CDT) (envelope-from root@cyberlord.net.dhis.org) Received: by cyberlord.net.dhis.org (8.12.3/8.12.3/Submit) id g6812VeX026128; Sun, 7 Jul 2002 20:02:31 -0500 (CDT) Content-Type: text/plain; charset="iso-8859-1" From: Tim To: sroberts@dsl.pipex.com, FreeBSD-Questions Subject: Re: Webserver behind SMC Barricade SMC7401BRA DSL Router? Date: Sun, 7 Jul 2002 20:02:30 -0500 X-Mailer: KMail [version 1.4] References: <1026080795.1461.8.camel@Demon.vickiandstacey.com> In-Reply-To: <1026080795.1461.8.camel@Demon.vickiandstacey.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Message-Id: <200207072002.30430.cyberlord@cyberlord.net.dhis.org> Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Sunday 07 July 2002 05:26 pm, Stacey Roberts wrote: > Hi, > I am having problems setting up a services (httpd, ftp) running on a > server behind a SMC Barricade SMC7401BRA DSL Router at my home network. > > I have an ADSL service from my ISP with a dynamically assigned IP > address. I however, have ddclient running, my own registered domain > name, and have a dynamic DNS accout setup with ZoneEdit.com. > > ddclient is able to retrieve the dynamic IP address okay, but the IP > address is bound to my router's outside interface., as such, typing the > url of my site returns the login page of the router:-( > > Is anyone successfully running webservices from behind one of these DSL > routers? Maybe you can provide me with gotchas that the manuals don't > tell you. I *have* been to SMC's website (rather a repitition of the > manual's faq), the only reference to my case is a faq on the possibilit= y > on running a webserver behind the barricade, to which the answer is > > :"Upgrade to the latest firmware." > > Unfortunately, the firmware listed on their website is the very one tha= t > ships with the router (go figure!). > > I'd appreciate *any* help with this from list members.., > > Thanks in advance. > > Stacey As far as I know, you have to set up static IPs on at least the server=20 computers. Then from your router you forward the ports 80 and 21 to the=20 static IP of the server running the service. If you have the server running on a dynamic IP (DHCP), how will the route= r=20 know what address to forward the incomming connection to? If you can't port forward or set up static IPs then you can't except inco= mming=20 request for connections. Also, I recommend blocking WAN access to your router. This is a security=20 issue. You don't want outsiders being able to re program your router. If = you=20 NEED to do remote access you MUST have a strong password. I recommend also, denying PING requests if you can with your router. Thi= s=20 will help reduce the number of script kiddies trying to get info about yo= ur=20 setup. If they don't get a ping request, they may just skip the port scan= on=20 that IP. I'm not sure how much this will help, but... ^ 192.168.1.2 R----Port 80--->[HTTPD] ---o 192.168.1.3 u----Port 21--->[FTPD] t e r v HTTPD and FTPD can be run from the same machine of course. :) Hope this helped, Tim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message