So know you know this will be pathetic, I'll begin…

Recently, I convinced my family to switch to a DSL service to replace our pathetic dial up “connection” and manage to save $10 per month in the process. Now the quick snappy connection is nice, but we needed to have more than one computer sitting next to the modem to be able to connect. The solution was a little donation from a friend of my mother's at her office’s IT group; a (still shrink wrapped) Linksys DSL/Cable router!

Anyway, I need to open up a few TCP and UDP ports on the built in firewall, however, after playing around in the browser interface, the only readily available features seem to by IP filtering, DHCP settings, etc. After a quick Google search, I found some vaguely relevant links, most of which touted the importance of “only keeping open the ports you need, for maximum security,” and other sermons you might deliver to an absolute beginner. So, sadly, I think this is knowledge I must be spoon fed, so perhaps someone has a pre-fab response for the occasions when someone asks something like this?

Does your isp have a help section?
I use Verizon and often have to go there
For Settings release renew tools etc.
Take advantage of support options dont
forget your paying for it.

You'll find what your looking for under the advanced tab on the web interface for the router. Just go to the forwarding area and forward whatever ports you need.

cheers

Originally posted here (http://www.AntiOnline.com/showthread.php?threadid=223314#post486193) by Nine Volt
Now the quick snappy connection is nice, but we needed to have more than one computer sitting next to the modem to be able to connect.

Why is that?
Or did I misunderstand the statement?

Ouroboros

I'll bang these off one by one:

Avid: I'm actually using Verizon's DSL service, so um... my guess is "yes." I've looked through it before, and wasn't too impressed.


Obi: Port forwarding, I hadn't thought of that, but am I to udnerstand there's no easy way to open a specific port for everyone inside my network?


Ouroboros: What I ment was I wanted all my computers to have internet access on a network. Sorry, even native speakers can have bad pseudo English :)

Did you check LinkSys web site for Firmware without the NAT Firewall?

obi's post is right. I have a linksys router and thats where you can open the ports.

This is what I use. A Linksys 8 port DSL/Cable router. I have good news and bad news. Yes it does port forwarding. Thats the good news. The bad news. It only does it on limited ports (check the site or your manual. the manual can be downloaded from the site at: http://www.linksys.com). Also, the only way to extend the ports is to place the machine in the DMZ which is mot advised. Because that leaves it wide open so to speak. If you want the extra support to run more port forwarding you have to purchase Zone Alarm Pro, which has an add-in with the latest firmware upgrade to ZA. If you opt not to upgrade and leave it as is. Be very careful and use a personal firewall like Tiny or Sygater where you can set it to defend certain ports or progies even if the machine is in the DMZ. As I said be caeful though....

SUCCESS! The port forwarding worked. Thanks, all. BTW, while we're on the topic, do I stand correct when I say outgoing packets may pass freely through any port?

Not sure I'm reading this right, but you should only need to forward inbound ports that you wanted people to have access to from outside - for most people, this list should be pretty small or non-existant (especially considering that most DSL providers provide you a dynamic address - and annoying ones like PacBell (PBI/SBC) will often "trick" your DHCP client to renew each lease under a different IP address rather than allowing you to "monopolize" or hold one simply by staying online). So, unless you're trying to run a web, ftp, mail (smtp, pop, imap, etc) or ssh server at home, you probably don't need the inbound port forwarded -- and, if you do, you probably still want to do more research to figure out exactly why you want those ports open.

Good rule of thumb... every port you forward back in to your network is a piece of the firewall that you chip off and make useless. You can probably equate it to poking holes in an umbrella so you can see the sky while you walk in a rain storm -- need to make sure you know why you need those holes in the first place. ;-)

Hope this helps...