Earthweb.com Practically Networked Home Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation
Welcome to PractiallyNetworked
Product Reviews

 • Routers
 • Hubs/Switches
 • Wireless Gateway
 • Wireless AP
 • Wireless NIC
 • Network Storage
 • Print Servers
 • Bluetooth Adapters
Troubleshooting
& Tutorials

 • Networking
 • Internet Sharing
 • Security
 • Backgrounders
 • Troubleshooting
    Guides

 • PracNet How To's
User Opinions
Practicallynetworked Glossary

 Find a Network Term  
 
Forums
About
Jobs
Home

  Most Popular Tutorials

• Microsoft Vista Home Networking Setup and Options
The most daunting part of upgrading to Windows Vista may be trying to figure out where in the layers of menus the networking and file-sharing options are hidden.

• Do It Yourself: Roll Your Own Network Cables
It may not be something you do everyday, but having the supplies and know-how to whip up a network cable on the spot can be very handy.

• Tips for Securing Your Home Router
Seemingly minor and easily overlooked settings can still have profound security implications. Here are some steps you can take to make sure your wired or wireless home router and by extension, your network is as secure as possible.

  Most Popular Reviews

• Microsoft Windows Home Server
If you have a home network, you'll welcome the easy file sharing, remote access and the image-based backup features of Windows Home Server.

• Iomega StorCenter Network Hard Drive
Iomega's fourth generation StorCenter Network Hard Drive brings many of the features found in higher-end storage devices down to an attractive price.

• MikroTik's The Dude
This free tool delivers many of the same capabilities that you'd find in pricey network monitoring tools. As long as you don't mind tinkering, The Dude is a decent network utility that should be worth the download.


Networking
SW Proxy Servers  
NAT SW (ICS, Sygate, etc)
NAT HW Routers
NAT HW & SW
Wireless
Other Problems
 
Secure LAN
Special Applications
Other Help
Tools


NOTE: These instructions have changed since the original 3/6/01 posting.  If you followed the old instructions, please read and follow the new instructions below. The old instructions open a very bad security hole in your router!

First, check that the Input Filter Sets are set correctly by following this procedure:

a) Telnet into the SMT interface and find the Remote Node Profile Menu option.

b) Enter the Remote Node screen and tab to the Session Options parameter and use your Space bar to toggle Edit Filter Sets to Yes and press Enter.

c) On the Remote Node Filter screen, check that the Input Filter Sets, protocol filters= is set to 3.   If it is, press the Escape key until you get to the top SMT menu.  Now follow the Filter Modification procedure below.

d) If Input Filter Sets, protocol filters= is blank, tab to that line, Type 3, then press your Enter key until you get to the "Enter here to Confirm or ESC to CANCEL:" line.  Press Enter again.  You should see "Saving to ROM...Please Wait" flash by quickly. If you don't see the "Saving to ROM..." message, the new value has not been saved! Repeat Step b and this step until you see the message.


Filter Modification Procedure

Routers with 3.XX firmware come with default filters set so that FTP, Telnet, and HTTP (Web) servers on the LAN side of the router can't be accessed, even if you set up the proper SUA port and IP address of the server.  These filters are important to the routers' security because they block WAN (Internet) access to the HTTP, FTP, and Telnet administration services that are built into the routers.  If you need to run HTTP, Telnet or FTP servers on your LAN that must be accessed from the Internet, you'll need to change the appropriate filter rule for the service you want to run.  To change the filter rule, follow the procedure below:
(The screen shots below are from an RT314 with 3.24 firmware.)

1) Telnet into the SMT interface and find the Filter Set Configuration option.  Enter the number of this option and press the Enter key.  This will bring you to the Filter Set Configuration screen shown below.

Filter Set Configuration screen

2) Enter the Filter Set Number (which should be 3 in the default router configuration) and press Enter three times. This will bring you to the Filter Rules Summary screen shown below.

Filter Rules Summary screen

3) Enter the number of the rule that you want to change.  Rule 1 is for Telnet (Port 23), Rule 2 is for FTP (Port 21), and Rule 3 is for HTTP (Port 80).  This will bring you to the Filter Rule screen as shown below.

Important: Change only the rule for the services that you want to run.  Changing or disabling the Telnet or FTP rules will expose those administration services to the WAN (Internet) even if you do not have an SUA defined for those services!

Filter Rules Edit screen

4) Tab (or press Enter) down to the Action Matched parameter, and press the Space Bar until the Action Matched parameter shows Forward as shown in the screen shot above.  Press Enter twice and you should see "Saving to ROM...Please Wait" flash by quickly. If you don't see the "Saving to ROM..." message, the new value has not been saved! Repeat Steps 2-4 until you see the message!

5) Repeat Step 2 and check the Filter Rules Summary screen. You should see an F in the m column for Rule 3 as shown below.  press your ESC key to back out of the menus to the top level of the SMT and exit SMT.  Your SUA setting should now work.  If you do not see an F in the m column for Rule 3, repeat this procedure until you have an F in the m column for Rule 3.

Filter Rules Summary screen (with changed Rule)

 



Earthwebnews.com Earthweb developer.com HardwareCentral earthwebdeveloper CrossNodes Datamation


Home | Networking | Backgrounders | Internet Sharing | Security | HowTo | Troubleshooting | Reviews | News | About | Jobs | Tools | Forums