On Monday 23 March 2009 19:33:58 JohnS wrote:
On Mon, 2009-03-23 at 18:37 +0000, Anne Wilson wrote:
Her's another example it will do what you want, your just misunderstanding it. I have 2 customers that use Netgear routers. I think your not setting up the Nat - Add Page. http://portforward.com/english/routers/port_forwarding/Netgear/DG834G/e Mule .htm One thing are you using it for the DSL or another modem/router for dsl? If your using two only one can be Natted and the other Main router in Bridged Mode.
The router is also the DSL modem.
Ahh, and a warning about that. Make sure after you get the port fowarding working that the router is not wide open. Meaning every port open. Zyxel and Netgear are very similiar in design (software) and both of them have this problem. This only occurs when it is in the routing mode
As far as I can see it defaults to outward traffic being open, but inward traffic blocked apart from the rules I set.
OK - I'm thick. I've looked at that page and seen only what I'm already familiar with. Please, in plain English, how do I set ssh to come in on port 22022 (service called ext-ssh already set up for that) to be forwarded to 192.168.0.xx port 22?
If you can hold your horses I may can tell you in Plain Eng later on. At the moment I am not directly in front of one and the ones I have access to can not be accessed over the WAN. This would be later EST Time Tonight.
It's not hugely urgent - I'd like to get it set up and working before the end of the week. If you reply later today I'll see it tomorrow, and that is just fine.
It gives you a choice of what ports you want the service to use. You simply have to enter the numbers into the empty boxes (choose Custom Service). IE; you will have to make a Custom Service.
Looking at your port choice from a Social Engineering Stand Point your defeating the purpose of port masking. Choosing port 22022 tells me that you have ssh running on a server. Non the less you can also do what Steve said.
I'll look at both options, once I've seen your next reply. I'm aware that this is not locked-down security, just that it will deter the casual poke- around merchants. Once I'm convinced that I have it working it will be disabled except for the periods when I'm away from home. (I do know that works, because last time I was away I forgot to re-enable the imap service, and I couldn't get in.)
Anne