Newbie: Port forwarding and triggering on Linksys BEFSW11
From: Wally Sanford (PleaseSubstituteMyActualFirstNameHere_at_wallysanford.com)
Date: 09/27/03
- Next message: Rob: "Re: Netscreen 5 (NS-5) firmware 2.6.xx wanted"
- Previous message: Bit Twister: "Re: Go For It"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 27 Sep 2003 13:00:15 GMT
This computer runs IIS, and a DNS server. The Linksys BEFSW11 also serves a
Cisco ATA enabling Vonage VoIP telephone service.
For IIS I forward (to the server IP) port TCP/UDP 80-80, for DNS I forward
port TCP/UDP 53-53. I have port TCP 953 forwarded for rndc, but it's not
clear to me that I must. Vonage requires UDP 69, 123, 5060-5061, and
10000-20000. Seems like a lot of ports open for Vonage, but they all need go
only to the ATA IP, not the server.
I was considering port triggering instead of forwarding, thinking this might
increase security, or at least make available slots in the Linksys's Port
Forwarding table, which is maxed out. However, using port triggering for
port 80 disables serving pages (I assume because no one can see the port:
it's closed and no request originated LAN-side). Using triggering for the
Vonage ports works (I think), but doing so would route WAN requests to all
IP's on the LAN side, which seems less secure than just forwarding only to
the ATA....
Can anyone suggest whether triggering offers advantages over forwarding in
this case?
Thanks.
-- Wally Sanford web: http://wallysanford.com email: PleaseSubstituteMyFirstNameHere@wallysanford.com
- Next message: Rob: "Re: Netscreen 5 (NS-5) firmware 2.6.xx wanted"
- Previous message: Bit Twister: "Re: Go For It"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
