LinuxQuestions.org
Share your knowledge at the LQ Wiki.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking > Linux - Wireless Networking
User Name
Password
Linux - Wireless Networking This forum is for the discussion of wireless networking in Linux.

Notices


Reply
  Search this Thread
Old 01-06-2008, 12:21 PM   #1
markjuggles
Member
 
Registered: Nov 2003
Location: Chicago western suburbs
Distribution: Linux Mint
Posts: 75

Rep: Reputation: 15
Linksys WRT54G Port Forward or DMZ


Hello Everyone,

I would like to make my home Ubuntu web/ftp server accessible to the internet. My hardware stack is:

[SpeedStream 4100 DSL Modem]
[Linksys WRT54G Router] (Firmware Version: v1.02.2, Jun. 7, 2007)
[Wired Windows-1]
[Wired Windows-2]
[Wired Ubuntu]
[Wireless Windows Laptop]

My understanding is that with the WRT54G in place, it is necessary to use either Port Forwarding or DMS to the IP address of the Ubuntu box to make it visible to the outside world.

How can I do this? The things I have tried are shown below. Variations include rebooting Ubuntu and the WRT54G.

Thanks,

Mark


Configuration 0 (Sanity Test)
---------------
Plug Ubuntu directly into the SpeedStream.
Run 'ifup' and 'ifdown' to settle the IP address.
Get external IP address from SpeedStream.
Test http, ftp, telnet from the internet side.
Everything works!

Configuration 1 (Desirable)
---------------
Verify Ubuntu's local IP address from Windows.
Set Port Forwarding of ports 20-23 and 80-80 to Ubuntu's address.
Test http, ftp, telnet from the internet side.
No response.

Configuration 2 (Acceptable)
---------------
Verify Ubuntu's local IP address from Windows.
Enable DMZ for Ubuntu's address.
Test http, ftp, telnet from the internet side.
No response.

Configuration 3 (Grasping at straws)
---------------
Do Port Forwarding and DMZ at the same time.
No Response.
 
Old 01-06-2008, 01:05 PM   #2
Brian1
LQ Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 65
On the linksys you can do two things. Post forward the desired external wan ip/port to the internal lan ip/port. What you what to do first is define a static IP to the Ubuntu machine so it always has the same internal lan IP when it boots up.

Example to foward ssh connection
You add a port foward from the external which is default port 22 to the static IP set on the ubuntu machine port 22. Then on Ubuntu if there is a firewall enabled it either needs to be disabled or open port 22 through it.

To forward as DMZ it means to forward any data recieved on wan conection directly to the lan IP defined machine. Which what happens is when one connects to to your wan IP what they see is the machine itself. It would be like if the Ubuntu machine was directly connected to modem. Again if firewall exist it needs to be disabled which in this case would not be advisable. Better to have firewall active and open only the needed ports.

Brian
 
Old 01-06-2008, 01:52 PM   #3
markjuggles
Member
 
Registered: Nov 2003
Location: Chicago western suburbs
Distribution: Linux Mint
Posts: 75

Original Poster
Rep: Reputation: 15
Hi Brian,

Thanks for the reply.

The WRT54G has a local IP address of 192.168.2.1 and is set to 10 DNS clients.

I set the Ubuntu box to 192.168.2.100.

It's ftp, telnet, and http are reachable from the windows machines on the router side and it can browse the web.

The two approaches were tried for the static IP: (1) DMZ enabled for 192.168.2.100, and (2) with Port Forwarding for 20-23 and 80 for 192.168.2.100. (By the way, which ports do you suggest forwarding?)

An outside machine still cannot ping, ftp, telnet, or http to the Ubuntu machine. The modem's IP address was tested two different ways.


Any other ideas?

Mark
 
Old 01-06-2008, 02:31 PM   #4
Brian1
LQ Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 65
If you set the DMZ to point to your Ubuntu machine you do not need to define any port forwarding. All DMZ does it make the machine look like it is already on the outside like it is the only thing connected to modem. So looks like no firewall or at least the needed ports because you can access from other lan machines.

Has there been anything added to say /etc/host.allow or /etc/host.deny to only use local lan IPs?

On the machine goto here and see what ports are seen.
http://www.pcflank.com/test.htm

Brian
 
Old 01-06-2008, 05:05 PM   #5
markjuggles
Member
 
Registered: Nov 2003
Location: Chicago western suburbs
Distribution: Linux Mint
Posts: 75

Original Poster
Rep: Reputation: 15
I have been trying DMZ and Port Forwarding independently and Port Forwarding would be my preferred solution.

The hosts.allow and hosts.deny files are out-of-the-box with only comments, no entries. This should be 100% open which corresponds to my modem-to-ubuntu experiment.

Running the PCFlank test resulted in:

http://www.pcflank.com/details.html

Warning!
The test found visible port(s) on your system: 1080, 3128

Warning!
The test found visible ports on your system: 27374, 12345, 1243, 31337, 12348.
The following Trojans use these ports: SubSeven, NetBus, SubSeven, Back Orifice,
BioNet
Although these ports are visible, they are not open, so your system is not infec
ted. However, having visible ports on your system means your computer can be "se
en" over the Internet. This makes it very easy for skillful intruders to explore
your system.


This was on the ubuntu box with DMZ enabled for its ip address.

What's going on here? Can anybody do Port Forwarding or DMZ with a Linksys WRT54G????

Mark
 
Old 01-06-2008, 10:32 PM   #6
markjuggles
Member
 
Registered: Nov 2003
Location: Chicago western suburbs
Distribution: Linux Mint
Posts: 75

Original Poster
Rep: Reputation: 15
Good News,

I had a long internet chat with Linksys and they ultimately told me to:

1. Hit the reset button for 10 seconds with power on
2. Remove power for 10 seconds
3. Power up and restore my settings

Now both DMZ and Port Forwarding work as expected.

By the way, googling for "WRT54G Port Forward Failure" gets lots of hits. I don't know what's going on here, but Linksys does have good support.

Thank you Brian
 
Old 01-07-2008, 03:45 PM   #7
Brian1
LQ Guru
 
Registered: Jan 2003
Location: Seymour, Indiana
Distribution: Distribution: RHEL 5 with Pieces of this and that. Kernel 2.6.23.1, KDE 3.5.8 and KDE 4.0 beta, Plu
Posts: 5,700

Rep: Reputation: 65
Glad to see you got it working.

Brian
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
New at Linksys Rouder Model WRT54G v5 HELP!!!!!!!!!! Juggalo54 Linux - Newbie 4 10-18-2007 05:06 PM
WRT54G linksys router help babyswan Linux - Networking 2 07-23-2007 08:17 AM
linksys wrt54g firmware gv_rajasekhar Linux - Networking 1 11-27-2006 12:11 PM
WRT54G linksys router reefa Linux - Networking 2 03-16-2005 04:56 PM
Help! Port Forward Linksys firewall to Linux Webserver ryant Linux - Networking 3 09-20-2004 03:06 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking > Linux - Wireless Networking

All times are GMT -5. The time now is 01:31 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration