Date: Sun, 7 Jul 2002 20:02:30 -0500 From: Tim <cyberlord@cyberlord.net.dhis.org> To: sroberts@dsl.pipex.com, FreeBSD-Questions <freebsd-questions@FreeBSD.ORG> Subject: Re: Webserver behind SMC Barricade SMC7401BRA DSL Router? Message-ID: <200207072002.30430.cyberlord@cyberlord.net.dhis.org> In-Reply-To: <1026080795.1461.8.camel@Demon.vickiandstacey.com> References: <1026080795.1461.8.camel@Demon.vickiandstacey.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sunday 07 July 2002 05:26 pm, Stacey Roberts wrote:
> Hi,
> I am having problems setting up a services (httpd, ftp) running on a
> server behind a SMC Barricade SMC7401BRA DSL Router at my home network.
>
> I have an ADSL service from my ISP with a dynamically assigned IP
> address. I however, have ddclient running, my own registered domain
> name, and have a dynamic DNS accout setup with ZoneEdit.com.
>
> ddclient is able to retrieve the dynamic IP address okay, but the IP
> address is bound to my router's outside interface., as such, typing the
> url of my site returns the login page of the router:-(
>
> Is anyone successfully running webservices from behind one of these DSL
> routers? Maybe you can provide me with gotchas that the manuals don't
> tell you. I *have* been to SMC's website (rather a repitition of the
> manual's faq), the only reference to my case is a faq on the possibilit=
y
> on running a webserver behind the barricade, to which the answer is
>
> :"Upgrade to the latest firmware."
>
> Unfortunately, the firmware listed on their website is the very one tha=
t
> ships with the router (go figure!).
>
> I'd appreciate *any* help with this from list members..,
>
> Thanks in advance.
>
> Stacey
As far as I know, you have to set up static IPs on at least the server=20
computers. Then from your router you forward the ports 80 and 21 to the=20
static IP of the server running the service.
If you have the server running on a dynamic IP (DHCP), how will the route=
r=20
know what address to forward the incomming connection to?
If you can't port forward or set up static IPs then you can't except inco=
mming=20
request for connections.
Also, I recommend blocking WAN access to your router. This is a security=20
issue. You don't want outsiders being able to re program your router. If =
you=20
NEED to do remote access you MUST have a strong password.
I recommend also, denying PING requests if you can with your router. Thi=
s=20
will help reduce the number of script kiddies trying to get info about yo=
ur=20
setup. If they don't get a ping request, they may just skip the port scan=
on=20
that IP.
I'm not sure how much this will help, but...
^ 192.168.1.2
R----Port 80--->[HTTPD]
<Internet>---o 192.168.1.3
u----Port 21--->[FTPD]
t
e
r
v
HTTPD and FTPD can be run from the same machine of course. :)
Hope this helped,
Tim
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207072002.30430.cyberlord>