Step 1. Opening Ports In The Router
We can perform this process by telnet or by web, according to our preferences. In any case we need some starting data:
We need to know the IP address of the router (gateway) and the IP address of the computer on which we want to mount as web server.
These are the info we need to proceed:
- The local IP of our PC (field IP address), which we must point out because we will use it later (in this case 192.168.1.100)
- The subnet mask.
- The gateway IP (default gateway field), which is the IP address of the router. In example 192.168.1.1.
We will explain the process by telnet, since filter management will necessarily have to be done by that means. We will, therefore, telnet to the IP of the gateway.
- Start -> Run -> telnet 192.168.1.1 (in our case).
- The router, in this case, will only ask us for a password. Use router administration password.
- We will access the first screen, which is the main management menu of the router.
- We will select NAT Setup.
- We select 1. Server Set 1 (Used for SUA Only).
- And, finally we get the screen where we will open the ports.
- The rule 1 is to put a PC in default, ie open all ports to the PC whose IP we place in that field.
- We will open ports 21 and 80 to the IP of PC 192.168.1.81. To do this, we will place in Start Port No. and End Port No. the port number that we want to open. In IP Address we place the IP of the PC in which we are going to mount the server (in this case 192.168.1.81).
- Press Enter until we leave the screen. At this point the ports have been left open.
- We will go to the main screen using escape key to proceed with the second part, the filter configuration.
Step 2. Modification Of Router Filters
The router incorporates filters to ensure your security and avoid unwanted access to both the router itself and our network.
The router, by default, blocks any Internet access to ports 23 (telnet), 21 (ftp), 69 (tftp) and 80 (web).
For our server to work, we must override the rule that affects port 21 (for the ftp server) or the rule that affects port 80 (for the web server).
The procedure is to enter the corresponding rule and change the characteristic Active = Yes to Active = No. We will place the cursor and by using the space bar the option is changed. Then we press enter until the filter is recorded.
Therefore, we will modify the one that affects port 21 for the ftp server or the one that affects port 80 for the web server.
Once this is done, if we have correctly configured the server (and also the firewall if any) any port scanner will find open port 21 or 80.