PINK and Dynamic DNS

Tumbler

Hi,

I asked this question yesterday to in another topic, but nobody answerd my question, so i asked it in a new topic.

I have a PINK module and a dynamic dns account at no-ip.com
I setup my router properly, forwarding ip and portnumbers etc...
When i open the website i get an empty webpage, i think pink's webserver is listening to port 80
The problem is my provider (telenet): telenet blocks all ports below 1024
Can i setup the pink webserver so it's listening to a higher portnumber?
·

stamptrol

Have you tried your setup without the forwarding ip service?

Have you used the id utility that came with the PINK?

You should be able to put the PINK on the router and enable port 80 in the router setup process. Port 80 must be doable because I assume you can get on the internet with your computer, right?

Cheers,

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Tom Sisk

http://www.siskconsult.com
·

RDL2004

You should be able to go into your router's set up and find out what ip address it is assigned (by your service provider). Then try to access your PINK using this direct ip address (like this for example- http://75.69.21.221/). Also, if you're using dhcp on your end check that the router is actually fowarding port 80 to the PINK's local ip address and not some other device. I run into this issue sometimes because with dhcp if the router restarts there is no guarantee that anything connected on your local network will get the same ip address it had previously.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
- Rick

Chris Savage

Hello,

It wouldn’t make much sense to block everything below port 80. All web page traffic happens by default on port 80. In any event you should be logging into the address of your router and it will translate to the internal/private address on the network. I have found some routers require you to set static IP addresses on the local network for port forwarding. For example, my IP address at my router may be 205.232.34.1 (not really, but for demonstration purposes) and internally the PINK might be on 192.168.20.20. In the Router I would enable port forwarding for port 80 through to the PINK Module IP address. On the web I would go to 205.232.34.1. I hope this helps. Take care.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Chris Savage
Parallax Tech Support

Tumbler

Chris said...
All web page traffic happens by default on port 80

That's the problem Chris, my provider blocks all trafic.
I have a webserver too at my laptop. When i will make it public i have to setup another portnumber, otherwise it isn't possible to connect to. Sounds strange, but we have to do with it here

But is it possible via firmware to setup another portnumber?
·

Chris Savage

Tumbler, it would seem if your provider blocked port 80 you would not be able to surf the internet?

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Chris Savage
Parallax Tech Support

Larry~

I have also read that some ISP's are blocking port 80

the site below will test all of the first 1024 ports for lets see what you get using this tool


https://www.grc.com/x/ne.dll?bh0bkyd2

Larry~

here is some info from the web and a page with more info

Many ISPs now block incoming traffic to this port before it reaches their customers. This is done for several reasons: The prevalence of malicious port 80 Trojans renders outside access to this port dangerous. Many Windows users are inadvertently running or have not patched and are not maintaining copies of Microsoft's web servers. As we know, active scanning by self-propagating worms is constantly attempting to locate and infect such servers. Additionally, the terms of service of many ISPs forbids end-users to offer web services to the Internet. Blocking incoming traffic to port 80 can be an enforcement of ISP policies as well as a significant boon to end-user security.

http://www.grc.com/port_80.htm

mojorizing

If indeed port 80 is blocked for incoming traffic, setup the router for port forwarding. As in Chris's example, using 205.232.34.1 as your IP address, setup the router to forward, say 3398 to internal port 80 with your local IP address of the Pink, say at 192.168.1.250. To access the Pink from the internet, use http//205.232.34.1:3398
Does that help?

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Bad spellers of the world untie!

Larry~

I have a web server running on my site which I could not get it to work correctly when setting the router to open port 80, so I opened up using DMZplus mode which opens everything to this computer. I am running Apache2 and Lunix so its safer than windows.

below is where I save all video's sent to me In emails
http://gaminde.net/Jokes/Movies/

Tumbler

TruStealth Analysis report:
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.

So, there is no other solution about this problem?

Larry~

If you can set the Pink up like mojorizing sugested It should work will the pink allow setting the port

Tumbler

I have tried it too Gaminde.

I have the same problem when i try to·put my apache webserver online. Apache runs under port 9100 here. Otherwise nobody can see my website (local)

Chris, what about the firmware? Is is possible?

Chris Savage

Tumbler,

No additional changes are planned to the firmware at this time. If we keep changing the firmware every time an ISP restricts use of a feature we will never have the firmware completed. As it was, the recent changes caused a lot of PINK Modules to be sent in for updates. Imaging doing this every month. There has got to be a work around. If my ISP blocked any traffic on my system I would seriously consider going with someone else. Blocking traffic is the job of the firewall in my router as well as my Anti-Virus software and updates. As it is my ISP recently started changing all mail access to SSL, which means that authentication is useless on the PINK Module. I am in the process of fighting this now.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Chris Savage
Parallax Tech Support

Larry~

Well If you have an apache webserver running you should be able to run a dhcp server with it and set the pink on a second port

Larry~

Chris

"No additional changes are planned to the firmware at this time. If we keep changing the firmware every time an ISP restricts use of a feature we will never have the firmware completed."

this may become true for more and more ISP's

Tumbler

Someone else? lol. The other provider has plans to do the same·thing.
So that's it, no remote control for me.

Well, what a waste, such a lot of money.

Post Edited By Moderator (Chris Savage (Parallax)) : 2/29/2008 6:34:17 PM GMT

Larry~

Tumbler

What kind of router do you have name model and type of service dsl dialup

Larry~

You need to look for Port Redirection or Port Forwarding in your router you will be able to redirect any port to port 80

Larry~

this site may be just what you need to use Port Forwarding

http://portforward.com/english/applications/port_forwarding/HTTP/HTTPindex.htm

RDL2004

Check and see if no-ip.com can re-route any port 80 requests to you to another port of your choosing. Then all you need is to have your router forward that incoming request the PINK on port 80. Hopefully your router can do this. If you don't absolutely have to get incoming on port 80 you can append the port number to the http request as Mojorizing explained above.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
- Rick

Larry~

Chris
I have a few questions
1. wouldn't tcp ip be more important than a udp port setting
2. If Im running a server and serving webpages how would I use the Pink on port 80

Chris Savage

When you go to any website on the internet the default web page (HTTP) port is 80. Without that standard you would have to know the port along with the domain/IP Address for every web page you went to. When you host a web server it is assumed you’re going to be at port 80via the HTTP connection. If you need to configure a different port, then you should get a router that allows that. There are some that do it. I used to have one. These redirect traffic from one port to another port/IP Address internally. UDP on the other hand is often blocked by certain networks because the port is also used to send Net Send messages and other exploits. By changing the UDP port you can adjust for that. This is more important for UDP since it is a less standardized method of communication and it’s implementation on the PINK is really for point-to-point communications in which you may want to hide it on a different port. My Security System verifies messages from my remote system by verifying the IP Address of the device sending the message before responding. This pretty much kills it for packet sniffers.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Chris Savage
Parallax Tech Support

Tumbler

I have all hints tested in my router, no succes.
I give up now, thx all that helped me.

@Gaminde: What kind of router do you have name model and type of service dsl dialup:

·its a SMC2804WBR
·and type:
Luc

Post Edited (Tumbler) : 3/1/2008 6:50:32 AM GMT

Franklin

Tumbler, what type of network connection do you have? DSL, cable, dialup, direct? Try plugging your computer into the ethernet connection before it goes through any other devices and see if you can get to the internet. If you can check to see what port your computer is using to connect. Let us know.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
- Stephen

Harrison.

Which hardware revision of the SMC2804WBR do you have? I believe each revision has a different chipset/firmware that supports different port forwarding options.

I have the first hardware revision of the SMC2804WBR and it has a virtual server option that supports WAN to LAN port mapping. Try the following steps to see if it will work:

1. Goto the NAT->Virtual Server menu.
2. Fill in your PINK's private IP.
3. Put 80 in for the private port.
4. Choose TCP as the protocol type.
5. Put in 8080 or any other high port number for the public port.
6. Apply the settings.

Your PINK must be configured either with DHCP or static ip. If you are using static ip, then make sure you have the correct subnet mask and gateway set. If it isn't correct, then your PINK won't know how to route packets outside of your network.

To test, you will have to use an external connection. You cannot use the same internet connection as your PINK for testing because a large portion of SMC's consumer routers do not support loopback. This means you cannot connect from to your external ip from your home. This is a huge flaw in SMC's firmware, which is why I no longer use any of their products. I have tried contacting them about numerous security issues in their NAT implementation, but they always tell me to reset my router or something like that.

Harrison

Tumbler

Hi Harrison,

I have version V1.00.020.2005
i think it's the newest version (couldn't find a newer one)
At smc.com i couldn't find my router anymore, i think it's not supported anymore.

but when i go to the virtual server settings i only have a 'service port' field where·i can change the port number, and i can't find a private and public port field

Luc


·

Chris Savage

Tumbler,

This appears to be a unique problem in that I have never heard of anyone unable to host a web server from their internet connection. I’m sure there probably are a few that, for some reason restrict it, but there are other ways around that. A good router should be able to redirect traffic from one port to another. I know two of the three I have owned had this capability. I’m sorry to hear that you cannot get it to work. When a router is involved you cannot directly access the PINK anyway. A router inherently acts as a firewall in that it translates the IP Addresses between the internet and you local network. Therefore you cannot access the PINK on any system with a router without first setting it up in the port forwarding or using the DMZ. Note that using the DMZ also opens up the TELNET port making it easy to eavesdrop on traffic between the PINK and the BASIC Stamp.

▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔▔
Chris Savage
Parallax Tech Support

Tumbler

I don't give up here

Plz read this article at grc.com
http://www.grc.com/port_80.htm

grtz
Luc