Question Assistance with Port Forwarding ?

[barbarianhorde]

Hey guys,

I setup a file server and I wanted to setup an FTP server on said file server which is going to require port forwarding. I'll say that more than anything this is just to kinda play around with it and learn something new. I remember learning about port forwarding 20ish years ago when I did my Cisco CCNA/CCNE training (unfortunately I never got certified and never really put that knowledge to use so it's gone by the wayside).

Anyways I've never really done this before, there are TONS of YT Vids and Articles on the web, which are somewhat helpful, but I still have some questions. I'm wondering if there's anyone on here who might be able to give me a little assistance, obviously I don't want to broadcast all of my info on the open forum, so I was hoping we could communicate via PM, Discord, etc. Anyways, any input/guidance would be GREATLY appreciated.

 

[bill001g]

Consumer routers work very different the cisco commercial routers. In many ways it is better because the cisco stuff supports forms of NAT/port forwarding that are not used on home routers.

You will have no issues finding videos on youtube.

A couple thing.

1. You must have a public IP asigned to the wan port of your router. You do not even have to know what private/public IP really are. Just check the IP assigned to the WAN and then use a site like whatsmyip. If the IP are different you likely have a private IP and can never make port forwarding work.

2. FTP is not encrypted you never want to use it in a modern installation. You need to use something like SFTP or better some form of vpn.

The problem with port forwarding is the exact syntax used is different on every router it appears. Some models of router are extremely confusing because like cisco commercial routers they allow complex configuration options few people really use. Stuff like doing different port forwarding based on the IP address the traffic is coming from on the internet.

The first thing to try is to use what most routers call DMZ...even though if you studied network this is a incorrect usage. What this option does is forward all port to a single internal IP. That tends to be the best first rule to put in. It is not really safe long term but your goal is to get all your server and application stuff working correctly. You then can pound your head on the wall trying to guess the details of port forwarding rules on your particular router. You at least know it has to be the port forwarding rule since it works when all ports are forwarded.

 

[barbarianhorde]

Hey Bill,

I apologies for the delay in responding, thank you for all of the info you provided, I REALLY appreciate it. I sent you a private message with a couple of questions. I thought it might be easier than going back and forth on this old thread. Anyways, again I really appreciate your response!

-Dieter

 

[bill001g]

I would always post to the forums. I seldom read private messages and there might be days I do not spend a lot of time reading post so you get a answer from other people. There are many people that know answers to most questions.

 

[lantis3]

Everything should be able to discussed here openly, except your public IP. As long as you do not reveal your public IP. No one viewing this thread will be able to attack your router.

You need a static LAN IP for your PC or device that runs FTP . And either a static public WAN IP domain name or a dynamic domain name (DDNS) if you have a dynamic public WAN IP.

Reveal the router brand/model. It helps if there is online document/pdf manual that we can find the needed info.