First, check that the Input Filter Sets are set correctly by following this procedure:
a) Telnet into the SMT interface and find the Remote Node Profile Menu option.
b) Enter the Remote Node screen and tab to the Session Options parameter and use your Space bar to toggle Edit Filter Sets to Yes and press Enter.
c) On the Remote Node Filter screen, check that the Input Filter Sets, protocol filters= is set to 3. If it is, press the Escape key until you get to the top SMT menu. Now follow the Filter Modification procedure below.
d) If Input Filter Sets, protocol filters= is blank, tab to that line, Type 3, then press your Enter key until you get to the "Enter here to Confirm or ESC to CANCEL:" line. Press Enter again. You should see "Saving to ROM...Please Wait" flash by quickly. If you don't see the "Saving to ROM..." message, the new value has not been saved! Repeat Step b and this step until you see the message.
Routers with 3.XX firmware come with default filters set so
that FTP, Telnet, and HTTP (Web) servers
on the LAN side of the router can't be accessed, even if you
set up the proper SUA port and IP address of the server.
These filters are important to the routers' security because
they block WAN (Internet) access to the HTTP, FTP, and Telnet
administration services that are built into the routers.
If you need to run HTTP, Telnet or FTP servers on your LAN that
must be accessed from the Internet, you'll need to change the
appropriate filter rule for the service you want to run.
To change the filter rule, follow the procedure below:
1) Telnet into the SMT interface and find the Filter Set Configuration option. Enter the number of this option and press the Enter key. This will bring you to the Filter Set Configuration screen shown below.
2) Enter the Filter Set Number (which should be 3 in the default router configuration) and press Enter three times. This will bring you to the Filter Rules Summary screen shown below.
3) Enter the number of the rule that you want to change. Rule 1 is for Telnet (Port 23), Rule 2 is for FTP (Port 21), and Rule 3 is for HTTP (Port 80). This will bring you to the Filter Rule screen as shown below.
Important: Change only the rule for the services that you want to run. Changing or disabling the Telnet or FTP rules will expose those administration services to the WAN (Internet) even if you do not have an SUA defined for those services!
4) Tab (or press Enter) down to the Action Matched parameter, and press the Space Bar until the Action Matched parameter shows Forward as shown in the screen shot above. Press Enter twice and you should see "Saving to ROM...Please Wait" flash by quickly. If you don't see the "Saving to ROM..." message, the new value has not been saved! Repeat Steps 2-4 until you see the message!
5) Repeat Step 2 and check the Filter Rules Summary screen. You should see an F in the m column for Rule 3 as shown below. press your ESC key to back out of the menus to the top level of the SMT and exit SMT. Your SUA setting should now work. If you do not see an F in the m column for Rule 3, repeat this procedure until you have an F in the m column for Rule 3.
|Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums|