Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1106
  • Last Modified:

Port forwarding and port triggering

Hi,

I'm using DynDNS service with an address like http://myweb.dyndns.org.

I have a website in my LAN at 192.168.3.50:8080

On my router I have port forwarding and port triggering services.

Here is how I configured :
Port forwarding : Port 80 > 192.168.3.50
Port triggering : Triggered range : 80-80 / Forwarded range : 8080-8080

I tried the following config. :
Port forwarding : Port 8080 > 192.168.3.50
Port triggering : none

This is working well if I add the port in the address like http://myweb.dyndns.org:8080-

My objective : to not write the port in the address like http://myweb.dyndns.org:8080 but only http://myweb.dyndns.org.

Thanks for your future answer.

Phil
0
s2000_com
Asked:
s2000_com
1 Solution
 
Aaron TomoskyTechnology ConsultantCommented:
Your trigger and forward ranges are backwards I think.

Triggered range 8080
Forwarded range 80
0
 
JAMcDoCommented:
What is the make and model of your router?

Does your router offer a DMZ functionality?  On my router, with the DMZ enabled, it allows me to expose a single computer to the Internet and allows me to identify the IP address of the computer.

J.
0
 
s2000_comAuthor Commented:
aarontomosky: I tried to invert it without success

JAMcDo: Linksys (Cicsco) WRT54G2. There is a DMZ functionality but I don't see why this will resolve my problem. Can you give me more details ?
0
 The Evil-ution of Network Security Threats

What are the hacks that forever changed the security industry? To answer that question, we created an exciting new eBook that takes you on a trip through hacking history. It explores the top hacks from the 80s to 2010s, why they mattered, and how the security industry responded.

 
Aaron TomoskyTechnology ConsultantCommented:
Oh, I got m terms mixed up. Port triggering is just an automatic way of port forwarding. I've never had a need for this. Port translating is what you are trying to do and linksys software doesn't let you do that I dot think. Netgear and dlink do as well as any smb gear like sonicwall. If your router can handle ddwrt that will do it as well.
0
 
JAMcDoCommented:
This is from the WRT54G2 Manual - page 18 - User Gude

"Applications and Gaming > DMZ

The DMZ feature allows one network computer to be
exposed to the Internet for use of a special-purpose
service such as Internet gaming or videoconferencing.
DMZ hosting forwards all the ports at the same time to
one PC. The Port Range Forward feature is more secure
because it only opens the ports you want to have opened,
while DMZ hosting opens all the ports of one computer,
exposing the computer to the Internet.


DMZ

Any PC whose port is being forwarded must have its DHCP
client function disabled and should have a new static IP
address assigned to it because its IP address may change
when using the DHCP function.
To expose one PC, select Enable. Then, enter the
computer’s IP address in the DMZ Host IP Address field. This
feature is disabled by default.
Click Save Settings to apply your changes, or click Cancel
Changes to cancel your changes."

Even though DMZ may work for you, note the risks.  You will have to lock down the ports that you don't want open on your 'Internet exposed' computer in order to minimize the risks.

I would try to do the 'Port Range Forward' method (Page 17 of User Guide) if you want the router to limit Internet exposure.

J.
0
 
Aaron TomoskyTechnology ConsultantCommented:
If you can't change your website to 80 (which you can totally do as long as you don't already have something you need on 80) the only way to not type 8080 in the browser is to translate the port. Port triggering will not provide the functionality you are asking for.
0
 
UserProtoCommented:
You need only port forward from incoming TCP 80 to internal host 192.168.3.50 port TCP 8080
0

Featured Post

Lessons on Wi-Fi & Recommendations on KRACK

Simplicity and security can be a difficult  balance for any business to tackle. Join us on December 6th for a look at your company's biggest security gap. We will also address the most recent attack, "KRACK" and provide recommendations on how to secure your Wi-Fi network today!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now