PC Applications forum

General discussion

Automatic Port Mapping

by louietyj / October 14, 2009 12:52 AM PDT

Hi,

I'm using FireZilla Server behind an NAT router on port 21. As I intend to use this remotely, I need my router to ensure that the port points to my computer at all times (or at least when it's connected).

I can do a manual port forwarding, but there isn't a feature for static DHCP on the router, and I cannot use static IP configuration on my computer because I also intend to carry it around with me.

I can forward a different port to a different IP address and make FireZilla bind to each of these IP addresses (one will be correct), but this would be extremely infeasible and insecure.

I can periodically map port 21 to my computer using a program on the computer itself, but the few programs I have found which maps uPnP ports do not do it automatically (detects when you reconnect to a router) or periodically (say, every 10 minutes).

Any advice?

Thanks.

Discussion is locked
You are posting a reply to: Automatic Port Mapping
The posting of advertisements, profanity, or personal attacks is prohibited. Please refer to our CNET Forums policies for details. All submitted content is subject to our Terms of Use.
Track this discussion and email me when there are updates

If you're asking for technical help, please be sure to include all your system info, including operating system, model number, and any other specifics related to the problem. Also please exercise your best judgment when posting in the forums--revealing personal information such as your e-mail address, telephone number, and address is not recommended.

You are reporting the following post: Automatic Port Mapping
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Collapse -
Let's go about this the other way around.
by R. Proffitt Forum moderator / October 14, 2009 11:01 PM PDT
In reply to: Automatic Port Mapping

Research DYNDNS to see if that can be used.

Collapse -
Already using...
by louietyj / October 14, 2009 11:19 PM PDT

I'm already using DYNDNS to make sure my URL always points to my external IP address. External, not internal. Besides, even if I was able to find out my internal address, without port forwarding/mapping, there's not much I can do.

Thank you.

Collapse -
Which is why we change port addresses on servers.
by R. Proffitt Forum moderator / October 14, 2009 11:57 PM PDT
In reply to: Already using...

This brings me back to the same solution I used for years. When I have multiple FTP servers I assign them in some order like port 8121, 8221, etc.

Now it's just a matter of ip addressing.

The problem you are trying to solve is clear as mud. We can solve:

1. Some FTP server that is mobile with DYNDNS.
2. Multiple FTP servers on a LAN or even the internet with changing the port ftp is served up on.

Some combo of DYNDNS and ftp port settings seems to be as close as we can get today.

However I continue to meet folk that didn't know you could use other than 20, 21 for FTP ports.
Bob

Collapse -
I only have 1 FTP server...
by louietyj / October 15, 2009 12:03 AM PDT

But

Collapse -
So let's simplify it.
by R. Proffitt Forum moderator / October 15, 2009 12:14 AM PDT

You want a portable FTP server that is always on stock ftp ports.

No need to change ports in the router. That's not the issue.

You use DYNDNS (my router supports this!) to have ftp requests go to that server that is where DYNDNS reports it to be.

Seems we are done?
Bob

Collapse -
Simplified.
by louietyj / October 15, 2009 12:22 AM PDT
In reply to: So let's simplify it.

I can easily access my external IP address through DynDNS, no doubt.

From there, I need to be able to reach FireZilla, which resides on a computer which changes internal IP frequently. The port(s) FireZilla binds to is/are not the issue.

Collapse -
I only have 1 FTP server.....
by louietyj / October 15, 2009 12:16 AM PDT

(sorry for the accidental double-posting)

... but I think I know what you mean. Just to make sure that I've understood you correctly, say I set up a lot of port forwarding policies:

Port: 919 192.168.2.1
Port: 929 192.168.2.2
Port: 939 192.168.2.3
Port: 949 192.168.2.4
Port: 959 192.168.2.5
Port: 969 192.168.2.6
[...]

and get FireZilla to listen on all these ports such that whichever IP address I am assigned, one of them will reach FireZilla.

I've tried this and it works PER SE, but as I mentioned in my first message (option #2) it leaves a lot of security holes.

Collapse -
About security.
by R. Proffitt Forum moderator / October 15, 2009 12:26 AM PDT

FTP is not secure at all. For example the old username and password is sent in the clear in almost all instances. I'm almost amazed FTP hasn't been banished from use.

That's a discussion worthy of its own discussion.

About lot of port forwarding. I used ONE and it was set up with dyndns to the ONE ftp server. Maybe there's part of the story not told yet but moving a ftp server all over the internet is solved with dyndns.

I can see that if your router doesn't do dyndns you would be working far too hard.
Bob

Collapse -
Security issues.
by louietyj / October 15, 2009 12:35 AM PDT
In reply to: About security.

FTP doesn't have to be secure. I'm not really bothered with a hacker being able to access the single folder I am opening to FTP. What i'm bothered about is what the hacker will do when he find another 6 ports pointing to the same computer behind a NAT router. But this is irrelevant.

My router doesn't have to do DynDNS for me as I have already installed the DynDNS client on the computer. Problem solved.

I don't move my FTP server all over the Internet (or at least, if I bring my laptop hosting the FTP server, I don't need FTP access). My problem is when its connected to the SINGLE ROUTER at home, and changes its internal IP address (because of DHCP) such that a simple static port forwarding will be invalid. And I don't want to use a static IP address.

Collapse -
Dug a little deeper.
by R. Proffitt Forum moderator / October 15, 2009 12:43 AM PDT
In reply to: Security issues.
Collapse -
What are you referring to...
by louietyj / October 15, 2009 2:42 PM PDT
In reply to: Dug a little deeper.

... when you say this is NOT a feature of DynDNS?

If you're referring to reaching my external IP address, then DynDNS was created for this purpose, period.

If you're talking to reaching my internal IP address, then DynDNS cannot do this, period.

By DHCP Reservation, I assume you mean static DHCP which I mentioned in my first post? That's not available on my current Belkin router, although my previous Linksys router did, and I've been using that feature for 3 years now. I've already emailed Belkin tech support to confirm that this feature isn't hidden somewhere in the very messy settings page.

Collapse -
Perhaps...
by louietyj / October 15, 2009 2:46 PM PDT
In reply to: Dug a little deeper.

... you were referring to the part of my message when I said "My router doesn't have to do DynDNS for me as I have already installed the DynDNS client on the computer. Problem solved."

Let me clarify:
In some routers there is a page where you can specify DynDNS address and your username and password, and it will automatically update the DynDNS database with your current external IP address. Belkin has this feature, but it doesn't work. As such, I am using the client software from the DynDNS website where the program will determine the computer's external IP address through checkip.dyndns.org:8245 and report it to DynDNS database. This is EXTERNAL IP, not INTERNAL IP.

Collapse -
Then you have created the need for a new product.
by R. Proffitt Forum moderator / October 15, 2009 11:15 PM PDT
In reply to: Perhaps...

We've beat this up so that our FTP server can get a proper DynDNS all working as well as that works. What you want is not a feature of any solution today.

Time to find or become a programmer.

About "Belkin has this feature, but it doesn't work."
It's sad when people keep the defective gear as the makers get the message this is acceptable.

Just sharing. I have a server. It's on my internal LAN and through dyndns (I won't bother with proper caps, etc.) when I give it either the external or internal name it resolves and I get access if my machine is on the internet or on the lan. So we know this works. Why your need breaks is a bit of a mystery. It could be some side effect of how you tried to fix your router.
bob

Popular Forums
icon
Computer Newbies 10,686 discussions
icon
Computer Help 54,365 discussions
icon
Laptops 21,181 discussions
icon
Networking & Wireless 16,313 discussions
icon
Phones 17,137 discussions
icon
Security 31,287 discussions
icon
TVs & Home Theaters 22,101 discussions
icon
Windows 7 8,164 discussions
icon
Windows 10 2,657 discussions

GIVEAWAY

Turn up the volume with our Apple Byte sweeps!

Two lucky winners will take home the coveted smart speaker that lets Siri help you around your connected house. This sweepstake ends Feb. 25, 2018.