Router with Port Redirecting

Discussion in 'Networking & NAS' started by ntm1275, Feb 2, 2009.

  1. ntm1275

    ntm1275
    Active Member

    Joined:
    Nov 18, 2005
    Messages:
    586
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    43
    Ratings:
    +132
    I'm looking for a ADSL2+ Wireless router that will allow me to redirect incoming WAN ports to a different LAN ports

    The reason is because I want to access the Web GUI of my NAS from work, but work has blocked almost all ports apart from the commonly used ones
    (21, 25, 80, 110, 443, 8080)

    The NAS uses port 5000 or 5001

    An example would be:-
    I want to redirect the incoming WAN port 8080, to LAN port 5000

    I have used Netgear for many years, and have had no problem with them, but the Netgears do not have this redirection functionality

    Can anybody give me examples of ADSL2+ Wireless routers that have this funtionality, so that I can then make a judgement

    Any personal experiences with these routers is also welcome

    Many thanks
     
  2. Kristian

    Kristian
    Well-known Member

    Joined:
    Oct 1, 2002
    Messages:
    2,251
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    83
    Location:
    Sunny Scunny
    Ratings:
    +446
    Does your works' 'Acceptable Use Policy' allow you to do this? I would guess they've locked things down for a reason...

    If they don't mind you doing it then I would think they'll be okay on opening up the necessary ports. Why don't you ask them... ;)
     
  3. drummerjohn

    drummerjohn
    Active Member

    Joined:
    Sep 2, 2001
    Messages:
    2,497
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    66
    Location:
    South Derbyshire
    Ratings:
    +205
  4. ntm1275

    ntm1275
    Active Member

    Joined:
    Nov 18, 2005
    Messages:
    586
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    43
    Ratings:
    +132
    I know my IT Dept Manager fairly well, but he sys that it is corporate policy to only allow the common ports, to keep the network locked down

    Corporate Security is far more important than my request, and I agree with him, so I need to find a work around by using Port Redirection
     
  5. Kristian

    Kristian
    Well-known Member

    Joined:
    Oct 1, 2002
    Messages:
    2,251
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    83
    Location:
    Sunny Scunny
    Ratings:
    +446
    Your post is contradicting itself :confused: You say Corporate Security is important yet you are admitting to trying to get round it :rolleyes:

    What does your AUP say about accessing other networks/systems that are not directly attached to the work's network? If you need to connect to your home NAS for valid work reasons then your IT department should create a solution for you.

    Usually, breaking an AUP will lead to disciplinary proceedings...
     
  6. mickevh

    mickevh
    Well-known Member

    Joined:
    Apr 30, 2007
    Messages:
    7,207
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    133
    Location:
    West London
    Ratings:
    +1,725
    Another "issue" with using standard ports at your office in the way you suggest is that it hits legitimate traffic. Say you get out on port 80 (the "web" port) - you get to play with your NAS, but everyone elses web browsing slows down.

    Also, some of the better corporate firewall solutions do "deep" anaysis of the traffic passing through them and will reject it if it doesn't look right.
     
  7. drummerjohn

    drummerjohn
    Active Member

    Joined:
    Sep 2, 2001
    Messages:
    2,497
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    66
    Location:
    South Derbyshire
    Ratings:
    +205
    I'm quite sure the OP didn't ask about the moral justifications just about how to do it. It's not like he's asking how to make a bomb.
     
  8. ntm1275

    ntm1275
    Active Member

    Joined:
    Nov 18, 2005
    Messages:
    586
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    43
    Ratings:
    +132
    Just spoken to our IT manager, and he says they will only allow port 80 and 443, which are the standard internet ports

    I asked him if accessing work related files stored at home, using HTTPS on port 443 and redirecting to port 5001 on my NAS would cause any conflict with the corporate policy and he said no, as all access is logged and monitored
    This connection will only be used for work related files

    I work quite alot from home in the evenings, and also at other Non Corporate sites, and currently I have to transport my files back and forth via a USB stick, which I think is a high security risk, given all the reports in the news at the moment

    So that is why I was looking at a different approach


    Anyway, has anybody got any other suggestions for a port redirecting router
     
  9. Kristian

    Kristian
    Well-known Member

    Joined:
    Oct 1, 2002
    Messages:
    2,251
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    83
    Location:
    Sunny Scunny
    Ratings:
    +446
    Well in that case I'd suggest he turns off the works firewall and jobs a good 'un :rolleyes:

    So you are condoning him working round the security put in place by his employer? Maybe the OP's work doesn't have an AUP in which case he can do as he likes. There is a risk to his work's network if he does what he wants to do and I've pointed out that there may be issues if he does.
     
  10. Kristian

    Kristian
    Well-known Member

    Joined:
    Oct 1, 2002
    Messages:
    2,251
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    83
    Location:
    Sunny Scunny
    Ratings:
    +446
    I'd get that in writing, sort your router out and the job's done :)

    Does your company allow FTP (ports 20 and 21) to the Internet (you state port 21 in your first post)? Your NAS probably has an FTP server built in (mine does). You could then use the normal port forwarding facility and get your files via FTP.
     
  11. ntm1275

    ntm1275
    Active Member

    Joined:
    Nov 18, 2005
    Messages:
    586
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    43
    Ratings:
    +132
    No it doesn't allow FTP

    In my first post, I assumed that most of the std ports were allowed, but today I found out that it is only 80 and 443
     
  12. drummerjohn

    drummerjohn
    Active Member

    Joined:
    Sep 2, 2001
    Messages:
    2,497
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    66
    Location:
    South Derbyshire
    Ratings:
    +205
    I don't condone anything - I'm simply stating the OP asked a simple question about how to port redirect.
     
  13. t72bogie

    t72bogie
    Well-known Member

    Joined:
    Jul 17, 2007
    Messages:
    3,102
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    133
    Location:
    UK
    Ratings:
    +532
    easiest way is just to use the DMZ function in your Netgear router - this is what its for - access from the outside to a box on the inside ?

    put the NAS on a static IP from the LAN setup page then put the NAS IP in the DMZ on the WAN setup page
     
  14. ntm1275

    ntm1275
    Active Member

    Joined:
    Nov 18, 2005
    Messages:
    586
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    43
    Ratings:
    +132
    Tried that and it doesn't work

    The problem is that even in DMZ I still need to access Port 5001 to access the Web Interface of the File Server, which my work blocks
    e.g. https://my_ip_address:5001

    The redirecting would allow me to use 443 redirected to 5001, as 443 is not blocked
    e.g. https://my_ip_address:443, then the router would internally redirect to 5001, but my work would only see port 443

    Thanks for the suggestion anyway

    I've even tried using dyndns.org's webhop, but that doesn't work either
     
  15. Kristian

    Kristian
    Well-known Member

    Joined:
    Oct 1, 2002
    Messages:
    2,251
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    83
    Location:
    Sunny Scunny
    Ratings:
    +446
    How about installing some web server software on your PC at home. Map a drive to your NAS from this PC. Set your router to forward port 80 or 8080 to your PC and browse to your mapped drive. I don't know if you'll need to write a small web page to show the mapped drive as that's not something I know much about.

    Are you sure the company only allows those two ports? What about NTP (time) or SMTP (email)? FTP is often used to get files from the net too.

    Kris.
     
  16. drummerjohn

    drummerjohn
    Active Member

    Joined:
    Sep 2, 2001
    Messages:
    2,497
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    66
    Location:
    South Derbyshire
    Ratings:
    +205
    The problem is that many "domestic" routers do not do port mapping\redirecting. Yes they will forward one IP on the WAN to another on the LAN but not translating to a different port.

    You need a router that can do this. The Drayteks and Ciscos have this ability.

    The user is trying to get port 8080 on the WAN to map port to port 5000 on the LAN
     
  17. ntm1275

    ntm1275
    Active Member

    Joined:
    Nov 18, 2005
    Messages:
    586
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    43
    Ratings:
    +132
    I don't really want to have my PC on all day using up electricity, that's why I bought the NAS

    The only ports allowed are 80/8080 or 443

    The company has seperate email servers, which I assume may allow for SMTP, but the out going Internet Servers have SMPT and POP ports blocked

    I have tried FTP, and it did work for a while, but ports 20/21 are also now blocked

    My NAS has a built in Web File Managment System, which uses port 5000 on HTTP and 5001 on HTTPS

    Since my last post I have done some more digging about routers with port redirection, has anybody had any experiences of the routers below:-

    LinkSys WAG200G
    DLink DSL-2740B
    DrayTek Vigor 2700G
    Billion 7402G
     
  18. Pengbo

    Pengbo
    Active Member

    Joined:
    May 25, 2003
    Messages:
    76
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    11
    Ratings:
    +14
    Not directly with the Vigor 2700G you mention but I have used Vigor 2600, 2800 and 2900 routers. all have the same ability to redirect outside address and port to an internal address and different port. It is very easy to setup and works a dream.

    Used it recently in work to allow some video monitoring devices to be seen by managers when at home. There were 3 video devices with diff internal ip-addresses that served a web page on port 80. Only had one external ADSL ip-address at the remote location so set it up to use three different external ports and redirected each of these to separate video devices on port 80.

    They can be a bit expensive but are well worth it.

    Another cool thing that you can do with them is set-up LAN-to-LAN VPN's. If you are regularly transferring files this is by far the best and most secure way of doing things as for all effective purposes your home PC becomes almost a PC in the next room at work but on a different subnet. I use this now to monitor servers at work and fix things when they go wrong out of hours. I suspect you might have a bit of difficulty getting your work to go for it though as they seem to have totalitarian leanings but if you are looking for file security it is the way to go.
     
  19. ntm1275

    ntm1275
    Active Member

    Joined:
    Nov 18, 2005
    Messages:
    586
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    43
    Ratings:
    +132
    Problem is now sorted

    I bought a DrayTek Vigor 2800V/VG router off ebay for £55, and it's working like a dream

    It's an older model with only Wireless G, but that doesn't bother me because my laptops only have 'g' anyway

    Port redirecting was so easy to setup

    Took me 2 hours to learn how to use it and put in all the configurations from my Netgear
     
  20. drummerjohn

    drummerjohn
    Active Member

    Joined:
    Sep 2, 2001
    Messages:
    2,497
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    66
    Location:
    South Derbyshire
    Ratings:
    +205
    Good move!!
     
  21. thenegus

    thenegus
    Standard Member

    Joined:
    Jan 16, 2009
    Messages:
    4
    Products Owned:
    0
    Products Wanted:
    0
    Trophy Points:
    1
    Ratings:
    +0
    A bit late but with some routers that run linux (the netgear DG834GT is one) you can access the OS via telnet and use the iptables command to redirect ports.
     

Share This Page

Loading...