Services Behind Linksys Routers
Results 1 to 10 of 10

Thread: Services Behind Linksys Routers

  1. #1
    Senior Member
    Join Date
    Nov 2003
    Posts
    247

    Post Services Behind Linksys Routers

    Alright. So recently, we've have some questions about how to get access to a computer that is behind a router. The general consensus is that its impossible. Luckily for us, its not. In fact, its actually pretty easy. This tutorial is going to be pretty short, but by the end of it you should be able to set up any linksys router to allow a computer to run a service.

    Attached are screenshots to help you see what's going on, and what many of the pages should look like. They're in the .png format, but you shouldn't have any trouble with them. If you would like them in another format, PM me and I'll send them to you.

    It should be possible to do similiar things with a Netgear router, but I cannot be sure. At the moment, I do not have access to any Netgear routers, so I will not be able to give exact instructions. If you know your way around the router, you'll be able to figure out what you're looking from from this tutorial.

    [edit]
    I have since been told that Netgear routers work almost the same way, with almost the same steps as follows. Using this as a guide, it looks like you shouldn't have any problems with it...just adapt the steps slightly. Thanks Axeman!
    [/edit]

    For this tutorial/walkthrough, we'll be using my home network. Here's the basic information that we'll need:
    There are two routers, both Linksys.
    The first one, closest to the internet, is a wireless router downstairs
    The second one, in my room, is a regular four-port linksys router.
    There are two subnets, really. The two subnets are created by the two routers. Subnet two lies entirely under router two, while subnet one lies entirely under router one. Router two is a part of both subnets, since it is hooked up to both. The first one has three assigned addresses, Sally, Davids_Desktop, and 000625F5AFB3. We can ignore Sally and Davids_Desktop. Below are the crucial IP Addresses that we'll need to know:

    4.13.167.16--Internet, outside IP
    192.168.1.1--Router one, Subnet one
    192.168.1.101--Router two, Subnet one
    192.188.1.1--Router two, Subnet two
    192.188.1.101--Requiem (My computer)

    Alright, so we're ready to begin. First of all, you need to know exactly how to make connect to your router so that you can make the needed changes. On a linksys router, the default base address is 192.168.1.1. If it has been changed, it will most likely be the base address for the range that you're using. I.E.

    The Range of IP Address is 224.123.41.101-224.123.41.110 The address you want to use is PROBABLY at 224.123.41.1

    Type the appropriate address into your web browser, and hit Go. A password prompt will come up. The default is no user name, password admin. If its been changed, enter it accordingly. The page that comes up should look something like screenshot1, which is attached. If it doesn't look exactly like that, its fine, don't worry about it. They differ between the exact settings and the exact router. As long as its close, we're okay.

    Start at the router that is closest to your computer, the one that your computer plugs directly into. Connect to that router, and then click on Status, which is one of the tabs near the top of the page. It should look like screenshot two. From there, click on "DHCP Clients Table" this will give you a listing of all of the IP Addresses that are hooked up to that router. See screenshot 3.

    requiem 192.188.1.101 00-08-74-E2-BD-67 Is the computer that I am on, and the one that I'm interested in. The IP address is 192.188.1.101. Now, if you also happen to be doing all of these things from the computer that you want to run a service off of, then you can skip that last step. Go ahead and instead just look at the Status page. The first thing under WAN is your IP Address, which is still 192.188.101 The order may vary between exact routers, but it'll be on there.

    Take note of the IP address, and also make sure that you've noted exactly what the gateway IP Address is. If this is the only router on the network, you don't have to worry about a this.

    From there, go on over and click on Advanced. See screenshot4. From Advanced, click on Forwarding, or Port Forwarding. Screenshot5. From here, you just need to know the IP Address that you want it sent to, and the port that it will be running on. Fill it out accordingly, and any request for a service directed to the router will be forwarded to the computer behind it.

    Tada! You can now run SSH, FTP, or nearly any other service* behind the router.

    *NOTE: With Linksys routers, it is NOT recommended that you run webservers this way. Since many changes are made to the router using a small webserver, and access through port 80, any port requests that are sent to the router will go to your computer instead. It will become next to impossible to make further changes.

    Continue with the same procedure until you reach the router that connects directly to the internet. From this point on, however, you'll want to forward the ports to the routers, only forward it to your computer at the very end. While it is possible to forward directly to your computer, it often causes problems with the subnet, and it is not recommended if you are new to this.

    If you do all of this, you shouldn't have any problems running a few services behind a router.

    Good luck!
    www.ADigitalPimp.com
    There is a ghost in the machine, and he is my friend.

  2. #2
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    *NOTE: With Linksys routers, it is NOT recommended that you run webservers this way. Since many changes are made to the router using a small webserver, and access through port 80, any port requests that are sent to the router will go to your computer instead. It will become next to impossible to make further changes.
    I can't believe that to be true..

    With port forwarding, it forwards from the WAN side.... so if someone on the internet wants to connect to your web server through your router on port 80, thats OK.

    If you need to configure your router more via web interface... then simply point your web browser to the LAN interface. http://192.168.0.1:80 or whatever

    That *shouldn't* forward to your webserver... linksys can't be dumb enough to actaully forward ALL requests to port 80 to the webserver... can they?

    Otherwise... pretty good tutorial!
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  3. #3
    Senior Member
    Join Date
    Nov 2003
    Posts
    247
    I honestly don't know if it would create problems like that...it might, it might not. I'm not really willing to try it out.

    However, on the routers that support port 8080, you can try to aim your browser at that port. ;-)
    www.ADigitalPimp.com
    There is a ghost in the machine, and he is my friend.

  4. #4
    Top Gun Maverick811's Avatar
    Join Date
    Oct 2001
    Posts
    852
    phishphreek80 is correct - internally, the router will recognize that you are accessing it's web interface setup - from the outside world, requests on port 80 are forwared to the webserver. I've got a Linksys at my house and for a brief period of time ran a webserver from one of my internal machines. I had no problems connecting to the web interface setup and outsiders had no problems connecting to the webserver.

    Further, even if you screwed the router's config there is always the handy reset button on the router!
    - Maverick

  5. #5
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    I could see the webserver issue causing a problem only if you are a complete moron who throws caution to the wind.

    By default Linksys routers only listen for internal requests to port 80, so anything coming in over the internet would be treated like all other data and forwarded to the correct destination. However, there is an advanced option to enable the router to listen for port 80 requests on the WAN port. If you enabled this option, then you are going to see some conflicts. The router is going to want to answer the request, yet if you have port forwarding, it'll also want to forward the request. I'm not sure which would take precidence in that case.
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  6. #6
    Senior Member
    Join Date
    Nov 2003
    Posts
    247
    HTRegz---That's the dilemna, now isn't it? I haven't personally tried it, and I'm not sure how it would react to an internal call. It may stop you from making adjustments, it may not. Maverick says it won't....thanks for that bit of information. ;-)
    www.ADigitalPimp.com
    There is a ghost in the machine, and he is my friend.

  7. #7
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,324
    HT, that is only if you want to allow people from the WAN side to access your config page.

    Why on earth would you want to do that?

    I could see if you can config ACLs to only allow certain IPs to access it... but with linksys... its all or nothing.

    And... I'm guessing that by your choice of words... you're saying you've got to be a complete moron to set it up this way? Because... thats what I'd think too...

    So, unless you are a complete moron... then you should have no problems!
    Quitmzilla is a firefox extension that gives you stats on how long you have quit smoking, how much money you\'ve saved, how much you haven\'t smoked and recent milestones. Very helpful for people who quit smoking and used to smoke at their computers... Helps out with the urges.

  8. #8
    Super Moderator
    Know-it-All Master Beaver

    Join Date
    Jan 2003
    Posts
    3,914
    Originally posted here by phishphreek80
    HT, that is only if you want to allow people from the WAN side to access your config page.

    Why on earth would you want to do that? I could see if you can config ACLs to only allow certain IPs to access it... but with linksys... its all or nothing.

    I agree, but like I said only if you were a complete moron who throws caution to the wind, other than that you won't run into any problems.... I was just giving the case where it could possibly cause a problem.

    [Edit]

    Wow you edit as I post... see great minds do think alike

    [/Edit]
    IT Blog: .:Computer Defense:.
    PnCHd (Pronounced Pinched): Acronym - Point 'n Click Hacked. As in: "That website was pinched" or "The skiddie pinched my computer because I forgot to patch".

  9. #9
    Member
    Join Date
    Jan 2004
    Posts
    40
    I run Netgear routers and it works the same way, pretty much the same steps
    I have 315 relays and 118 switches and have all the power of a calculator.

  10. #10
    Senior Member
    Join Date
    Nov 2003
    Posts
    247
    Thanks Axeman!
    www.ADigitalPimp.com
    There is a ghost in the machine, and he is my friend.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •