Port re-directing from outside network

Posted on 2012-04-11
Medium Priority
Last Modified: 2012-05-11
I have a customer that uses a credit card processing software.  Each month they scan his network from outside.  It shows that he has port 23 open on his network, which in fact he does.  There is a piece of software (AS400 client access) that uses that port.  I need to know of a router that I could put in place that could totally re-direct to another port.  Certain routers do that, but it needs to be able to specify a different port that redirects.  For instance, if I were to access the AS400 from outside the network, I would like to change the client access program to use port 9999 instead of 23.   Then on the router, it would say if port 9999 is coming, then change over to port 23 and use that.  I have tried changing the port# on the as400 side to another one, but I can not get it to work.  Any clients that are connecting to the as400 inside the building would still be using port 23.  Would that scenario work? Any thoughts on this?  Thanks, Kevin
Question by:kevinecaldwell
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions

Expert Comment

ID: 37834194
Use a firewall for PAT (Port address translation) for external access IP only...9999 translates to 23.
LVL 10

Expert Comment

ID: 37834460
Any half-decent router should be able to do such thing.
And it would work exactly as you want, it opens 9999 (or any) port on the outside IP and redirects it to a given local ip address and port,from inside the lan the port would not change. Such options are usually available within router web-gui.
We would need actual router model to give you more directions.
LVL 82

Accepted Solution

David Johnson, CD, MVP earned 2000 total points
ID: 37838352
Here is how I do it with my router

Expert Comment

by:Jon Snyderman
ID: 37839588
Any Wathcguard or SonicWall will do this easily.   But also being an iSeries guy, I dont recommend this.   Client Access supports full SSH encryption and there are other simpler emulators that do the same.   iSeries passwords at most companies are fairly lax and opening any port to an unsecured telnet port is very risky.   BTW, changing the port number is security by obscurity and any simple free port scanner will sniff it out very fast.   I would recommend insuring passwords are good (for everyone) and then using a secure SSH session, or use a firewall with VPN capability and let the users open a VPN session and then connect direct to the iSeries with no changes to the iSeries or Client Access.


Author Closing Comment

ID: 37959621
The TP-Link 300M router worked perfectly.  I had tried 2 other routers but they did not the same way as that one.  Thanks

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains how to install and use the NTBackup utility that comes with Windows Server.
If you troubleshoot Outlook for clients, you may want to know a bit more about the OST file before doing your next job. IMAP can cause a lot of drama if removed in the accounts without backing up.
The basic steps you have just learned will be implemented in this video. The basic steps are shown to configure an Exchange DAG in a live working Exchange Server Environment and manage the same (Exchange Server 2010 Software is used in a Windows Ser…
how to add IIS SMTP to handle application/Scanner relays into office 365.
Suggested Courses
Course of the Month12 days, 4 hours left to enroll

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question