Port mapping question - I need clarification

I have posted a question about port mapping previously but - although I thought I understood - it is still not working for me. I was hoping there was a kind soul out there who could humor me and explain port mapping with AEBS 802.11n as if there where talking to a 5 year old.
Thanks for the help and it's ok to laugh.

{quote:}This address MUST be outside of the range of IP addresses that your 802.11n AirPort Extreme Base Station's (AEBS) DHCP service is providing.{quote}
This actually is incorrect.
The statement that the mapped internal address must be static is correct; otherwise the AEBS will not, if the Mac is assigned a different dynamic (DHCP) IP address by the AEBS some time in the future, be able to forward packets to the Mac. However it is very straightforward to have the Mac computer be assigned an address dynamically by the AEBS and to have the AEBS always assign the same IP address to the same Mac computer. Thereby giving the Mac a static address inside the DHCP range.
In the AirPort utility go to Internet | DHCP | DHCP Reservations. Click "+" then enter the MAC (what Apple calls Ethernet ID if you are using wired or AirPort ID if wireless) hardware address of the Mac computer, give it an IP address, save it. Then that Mac computer will always receive that (static) IP address from the AEBS.
Why do this? Well by continuing to use DHCP (while having though a static IP address) you keep all the other benefits of DHCP such as automatically having the gateway address, the DNS server addresses given to the Mac. Otherwise you have to enter all this information manually on the computer if you put it outside the DHCP address range. This is very desirable, especially for most home users, as their DNS server entries are provided by their ASP and picked up by the AEBS. If the ASP changes DNS addresses the manually configured Mac machine will not know.
So in summary - for port forwarding it is NOT necessary for the Mac machine to be outside the DHCP range, in fact _it is desirable to keep it in the DHCP range_ *as long as* the Mac utilises DHCP reservation on the AEBS.
I have tested this and it works fine.

Similar Messages

  • ARD AE Port Mapping Question

    Hello. I have a LAN consisting of 5 macs hardwired with an eithernet switch, and connected to an Airport Extreme and a DSL modem. They all have static IPs. I want to be able to administer these computers with ARD via the internet from a remote location. I know that I need port mapping to do this, but am having trouble setting it up properly. Right now I can connect to one computer remotely (I have the ARD ports mapped to it, but don't know how to set up additional port mapping, so I can get to the rest of the machines on the LAN. Mapping them to the same ports doesn't work. Can someone help me out? Thanks!

    mshanks, Welcome to the discussion area!
    You would need to use different public ports for each machine. For example, if the ARD service running on each Mac uses port 5000 (I don't know which port this is only an example) and you have 5 Macs configure the port mapping to do the following:
    public port 5000 -> Mac_0 on private port 5000
    public port 5001 -> Mac_1 on private port 5000
    public port 5002 -> Mac_2 on private port 5000
    public port 5003 -> Mac_3 on private port 5000
    public port 5004 -> Mac_4 on private port 5000

  • Port Mapping Question

    Well, I thought I had this all figured out...
    About a year ago I set up an older AirPort Extreme Base Station (Version 5.7) successfully to port to an iMac running OS X Tiger Server. As Leopard came out I decided that I wanted to do a little upgrading around the house and purchased the new AEBS along with a Mac Mini to run the new server software.
    I have no problems getting the AEBS set up, but the port mapping just doesn't seem to work correct.
    Right now I reverted back to the old system and seem to be serving just fine on the Mac Mini with OS X Leopard Server... But I'd really like to leverage the new AEBS.
    So, anyone out there can offer some advice on one of the settings I seem to be missing that seems to make this not work?
    Thanks

    It might also be a DCHS/NAT problem...
    Here's a post I added this morning...
    http://discussions.apple.com/thread.jspa?threadID=1320615&tstart=0

  • Need help with port mapping on Airport Utility 6.1

    Ive been trying to port map on my TC with Airport Utility 6.1 and failing miserably. Port still closed. Can anyone advise where Im going wrong? Am trying to set up my home camera to be viewed outside.
    I managed to key in the ports etc under Network and Port Settings. But nothing works. I'm tearing my hair out.
    Any suggestions to try would be helpful.
    Thanks

    Use the 5.6 utility.. it is much easier and I think works better.. although you cannot load 5.6 directly into 10.8 the version for Lion actually works fine.
    Download 5.6.
    http://support.apple.com/kb/DL1482
    Download unpkg
    http://www.macupdate.com/app/mac/16357/unpkg
    Open the AU 5.6 dmg and drag the pkg over the open unpkg.. it will create the directory on the desktop. You can either run it from there or drag the utility to your utilties directory.
    Take screen shots of each step. Post them here.
    That way we can tell you where it has gone wrong.
    What port exactly does the camera need open?
    How are you connecting remotely?
    ie do you have a fixed public IP?? If not how are you getting IP?
    Is the TC the only router in the network.. it is irrelevant unless the TC is the one and only router.

  • I have airport extreme and just purchased a D-Link DCS-932L home network camera.  D-Link says I need UpNp but the extreme doesn't support this.  Can I use port mapping?  if so anyone know how to set that up?  thanks

    I have airport extreme and just purchased a D-Link DCS-932L home network camera.  D-Link says I need UpNp but the extreme doesn't support this.  Can I use port mapping?  if so anyone know how to set that up?  thanks

    Since the D-Link DCS-932L is accessible on the local network via a web browser, you should be able to access this camera from the Internet if your router has a publically accessible Public IP address. If your ISP provides you with a dynamic Public IP address, you may want to use a DDNS service to make it easier for you to locate your camera whenever your ISP changes your IP address.
    Start the AirPort Utility > Select the 802.11n AirPort Extreme Base Station (AEBSn).
    Select Manual Setup.
    Verify that Connection Sharing = Share a public IP address is selected on the Internet > Internet Connection tab.
    Select Advanced, and then, select the Port Mapping tab.
    Click the plus sign to add a new port mapping.
    For Service, leave the default; this will change to "Custom" once you start entering port values.
    In the Public UDP Port(s) and Public TCP Port(s) boxes, type in a 4-digit port number (e.g., 8888) that you choose. In the Private IP Address box, type the internal IP address of your camera. In the Private UDP Port(s) and Private TCP Port(s) boxes, enter the appropriate port values that should have been provided to you by the camera manufacturer. Click Continue.
    In the Description box, type a descriptive name like "Internet Camera Access," and then, click Done.
    Click on Update.
    To connect to the shared Camera from a remote location using a Mac or PC:
    Start your favorite web browser.
    Enter either your Public IP address or DDNS-provided Domain Name, followed by a colon and the Public port number that you choose in step 7 of the previous procedure. For example: http://123.123.123.123:8888 or http://www.mydtdnsdomainname.com:8888

  • Quick question re: port mapping

    Does the 802.11n base station have the same limit as the 802.11g base station regarding the maximum number of ports that the user can map?
    In other (perhaps more coherent) words: The "g" base station only allows a user to specify a total of 20 ports in the "port mapping" pane of Advanced settings. Does the "n" station have the same limitation?

    Anyone have any ideas or information? I'm not able to find anything clear by searching the knowledge base, etc.

  • CRMXIF_REL_SAVE_M01 - Mapping Question

    Hello All,
    I have a mapping question, hope some one can answer my question. Please see the link first and the see my question
    http://www.flickr.com/photos/8764045@N06/4265246260/sizes/o/
    I'm mapping the CRM IDOC to the JDBC Call. I have small problem here. All the target fields are Mandatory 1..1 .
    I will explain with an example:
    I have field from source E102BUS_EI_STRUC_TEL_DATA/COUNTRY mapped to target field.
    I used Map With Default so that even if the values are not there frm the source the target field will be mapped with blank.
    But the problem is the parent node for E102BUS_EI_STRUC_TEL_DATA is E102BUS_EI_BUPA_TELEPHONE is 0.999999 , so sometimes that segment is not coming. In this case Map with Default won't work. Map with Default willl work only if the Parent node is present.
    If you ask me to do Exists node function on E102BUS_EI_BUPA_TELEPHONE and then apply Map with Default, then even this won't work.
    Apologize if I confused you guys. Please let me know if you need more clarification.
    Thanks!
    Raj.

    Hi Raj,
    Try to do a mapping like this
    E102BUS_EI_STRUC_TEL_DATA(context E102S_EI_BUPA_TELEPHONE_CON)--mapwithdefault-->then
    E102BUS_EI_BUPA_TELEPHONE-->exists------------------------------------------------------------------>if---->splitbyValue
    let us say this output (the output of splitbyvalue) as 'VALUE'
    VALUE-----------------------------------------------> then
    VALUE|-->count--->greater----------------------->if----->targetField                            
          Constant(0)---->              Constant(blank)-->else
    Regards
    Suraj

  • New Airport Extreme (802.11n): :  Port Mapping... ***???

    There are two different programs I was formerly using, whereby (after following instructions) I was able to create a static IP address for every machine on my network, plus open ports 8000 and 9990-9998 respectively. But ever since upgrading to the new Airport Extreme (802.11n), it completely stopped working. To boot, I've upgraded to Leopard on one of two of the machines (the other is still using 10.3.9).
    I haven't been able to figure out for the life of me, how to configure it. It's no longer as obvious where and what information to put in. All guides that would remotely help are designed for the older Airport unit, which has completely different menus in the Airport Utility.
    Is there anyone out there who has experience with Dot-Tunes and/or Nicecast or similar port mapping, who has the patience to describe, in layman's terms, what steps to take to get this set up correctly again, starting with how to reassign static IPs for my machines. I will not ask a lot of questions and take up too much more of your time. I'm just frustrated after a whole day of trying to figure this out and fruitless Google and forum searches.
    Thank you so much.

    I'm not familiar with either Dot-Tunes or Nicecast, but the following would be the general port mapping procedure with the 802.11n AirPort Extreme Base Station (AEBSn) using the AirPort Utility. Note in this procedure you will not need to assign a static IP address for each of your host devices. Instead you will be taking advantage of the AEBSn's DHCP reservations feature.
    To setup port mapping on an AEBSn, either connect to the AEBSn's wireless network or temporarily connect directly, using an Ethernet cable, to one of the LAN port of the AEBSn, and then use the AirPort Utility, in Manual Setup, to make these settings:
    1. Reserve a DHCP-provided IP address for the host device.
    Internet > DHCP tab
    o On the DHCP tab, click the "+" (Add) button to enter DHCP Reservations.
    o Description: <enter the desired description of the host device>
    o Reserve address by: MAC Address
    o Click Continue.
    o MAC Address: <enter the MAC (what Apple calls Ethernet ID if you are using wired or AirPort ID if wireless) hardware address of the host computer>
    o IPv4 Address: <enter the desired IP address>
    o Click Done.
    2. Setup Port Mapping on the AEBSn.
    Advanced > Port Mapping tab
    o Click the "+" (Add) button
    o Service: <choose the appropriate service from the Service pop-up menu>
    o Public UDP Port(s): <enter the appropriate UDP port values>
    o Public TCP Port(s): <enter the appropriate TCP port values>
    o Private IP Address: <enter the IP address of the host server>
    o Private UDP Port(s): <enter the same as Public UDP Ports or your choice>
    o Private TCP Port(s): <enter the same as Public TCP Ports or your choice>
    o Click "Continue"
    (ref: "Well Known" TCP and UDP ports used by Apple software products)

  • FTP & Port Mapping?

    Ok, I'm pretty new to wireless networking but I have a pretty good grasp of it all. I just have one question about Port Mapping and security. I have to open port 21 on Port Mapping in order for me to use FTP to upload files to my webspace. My question is how safe is it to leave that port open all the time? Or should I continue to close the port after everytime I upload? That's fine but it takes so long to update the Express with the new settings and reset. Kind of a pain.
    Anyway, if anyone has an opinion or suggestion for this then it would be greatly appreciated!

    Thanks for the quick reply and information Henry!
    Well, I guess I would be at minor risk since I don't have my OS X firewall enabled. I just figured that the Express was a better firewall. But if you start punching holes in the wall then it becomes less secure. Hmm.... I guess I would have to enable the OS X firewall then if I want to leave the port mapping enabled on the Express. And just enable FTP access through the OS X firewall when needed.
    Of course I have good password protection on the FTP server but then again I would have the port wide open too.
    Anyway.... thanks again for your help! It definitely helps me put things in order with what I need to do.

  • Port map to more than one 'private IP address'

    Hi,
    probably a silly question, but ...
    Is it possible to port map on an Airport Express to more than one private IP address? IOW, if the first IP address is not available/active, then the port is forwarded to the second IP address.
    Grant

    Hi iFelix,
    yes, I have 2 networks, home & studio. I take my powerbook with me between the 2. When I am in one of them, I want to be able to control the other.
    At the moment, I can map to another machine (not my powerbook) in the Airport Express settings and then I can connect via VNC. If however, I want to have a more complete control, I need to map port 3283 specifically to my powerbook. Obviously, if the powerbook is with me, then it's not where I'm not, if you follow the rather Pooh bear logic.
    My problem would be solved if I could map to one IP address as default, with a second if that address were not resolved/found/available.
    As for VPN, yes as I have gleaned from much browsing of net and these forums, this would solve my problem, but it seems overly complicated to set up for a non-IT person. Looking at the interface for a router/modem is a frightening thing for people who only do this once in a blue-moon.
    Grant
    AluBook 17    

  • Port mapping doesn't seem to work - AEBS

    I have a dsl connection to an Alcatel SpeedTouch 530 modem, linked via ethernet cable to the WAN of my AEBS, which shares the connection to three Macs and 2 Win boxes. I want to connect to aMule and get a High-ID. In the wiki.amule.org FAQ it states that to achieve this, I must use port mapping behind a firewall, and map ports 4662 (TCP) and 4665 (UDP) to my machine (which, after reading http://discussions.apple.com/thread.jspa?messageID=607426&#607426, I have assigned to AirPort TCP/IP address 10.0.1.201, by the way).
    Unfortunately, it doesn't seem to work, and I'm still getting the annoying 'low-ID' warnings on aMule.
    Following some advice on the aMule forum, I mapped port 80 and verified that the WebServer is accessible inside the wLan, if that's of any help.
    Thanks, people.

    Hi Tim, a couple of questions:
    1. If I go ahead and un-check the 'Distribute IP
    addresses' box, how will the three Macs and two Win
    computers on this wlan be affected? Do we still have
    access to each other's shares, and do we still access
    the internet through the AEBS?
    Once you turn off the 'distribute the IP address box' then your alcatel router will then distribute ip adresses and your macs and wintel boxes will still be on the same network and using the sharepoints will remain the same if you setup the shares using the bonjour names.
    I am making an assumption here in that your alcatel box is setup as a NAT router and not as a Bridge.
    2. Do I just give a static internal IP to my own
    powerbook, or to all the above computers?
    You only need to give a static ip to the mac your doing the port forwarding to. So that is the mac that is running the p2p software, infact you would do the same for any computer on the LAN that would run a server, such as a webserver, email server etc.
    Many thanks, as always.
    You are welcome.
    PS I had the impression that the basic idea of what I
    need to do to successfully map the ports to my Mac
    was to map ports from the DSL modem to the AEBS, then
    from AEBS to my Mac. Is this not right? Or is this
    another kind of solution to the same problem, albeit
    slightly more complicated to your suggestion above?
    If the alcatel modem was just behaving as a modem then you would use the AEBS as the NAT device and do the port mapping on that. However the Alcatel modem is also a router.
    If you setup up your alcatel router as a bridge you would then use the AEBS as your PPPoE client and then port mapping would work.

  • How do I use Port Mapping?

    b How do I use Port Mapping?
    (This document will assume that you are using and ABS/AEBS/AX as an internet router and have DHCP & NAT turned on.)
    Sometime you may want to offer access to a computer on your AirPort network to users on the internet, whether it be a web site, or for file sharing, or just remote access for yourself when traveling. If any of these sound like something you want to do, then you need to understand how Port Mapping works.
    b AirPort as Firewall
    Most of the time your AirPort base station will not let any traffic into your network which did not originate from your network. It will let everything out and replies to your traffic back in, but it will not let sessions initiated on the internet side of the base station in to your network. This is what is referred to as the "NAT firewall" capability of the base station and it provides effective protection for your network from the internet. What Port Mapping does is poke a hole in this wall to allow certain type(s) of traffic into the network and direct this traffic to a specific computer on the network. In the firewall world this is commonly referred to as an "inbound proxy" or "inbound translation" rule or "PAT" (Port Address Translation) in the router world.
    b The Need for Manual Addressing
    Since a Port Mapping entry in the base station configuration requires an inside private IP address to be specified, the computer to which to mapping entry applies should always have the IP address specified in the mapping entry. Thus, DHCP should not be used for a computer offering services on the internet as the Port Mapping entry will no longer work if the target computer's IP address changes. In general, an Apple base station's DHCP server will try to assign IP addresses in the 10.0.1.2 to 10.0.1.200 range. IP addresses above 10.0.1.200 can be Manually assigned to computers and other devices on the network up to 10.0.1.254. 10.0.1.255 is reserved (it is the broadcast address for the 10.0.1 subnet). To Manually set up the TCP/IP information for a Macintosh running Mac OS X, go to System Preferences -> Network and "Show" the appropriate interface (Ethernet or AirPort) and click on the TCP/IP tab. Select "Configure Manually" and enter the following information:
    IP address : 10.0.1.201 (or whatever address you decide to use)
    Subnet mask : 255.255.255.0
    Router IP : 10.0.1.1 (the AirPort base station LAN IP)
    DNS server : 10.0.1.1, or whatever DNS server IP your ISP uses
    After making these changes verify that your computer can still access the internet and local resources on the LAN before continuing.
    b Port Mapping a service
    In our example we will be hosting a web site on a computer which we have given an IP address of 10.0.1.201. Basic web sites are accessed using the HyperText Transport Protocol (HTTP) and this protocol typically uses port 80 to communicate. In order for others to see the web site, we must configure a Port Mapping entry in the base station configuration to not only allow the web browsers in, but to tell the base station what IP address the web server is using. The Port Mapping entry has three parts: Public Port, Private IP, and Private Port. In this case you would use the following values:
    Public Port : 80
    Private IP : 10.0.1.201 (this is the computer hosting the web site)
    Private Port : 80
    In order to access the web site from the internet, users must reference the base station's WAN port public IP (determined by looking at the base station configuration summary page in the AirPort Admin Utility). Since this address may change over time, you might want to use a Dynamic DNS service to simplify connecting for your users.
    Sometimes the port you wish to use may be blocked by the ISP. In this case, use a different non-standard Public Port number for the service, but keep the Private Port standard. In the above example, if the ISP was blocking port 80, you could potentially use 8080 instead, so:
    Public Port :

    Public Port : 8080
    Private IP : 10.0.1.201
    Private Port : 80
    Your users would then have to enter "http://<publicIP>:8080/" (where <publicIP> is the public IP address of the AirPort base station) to access the web site.
    b Internal Access
    It should be noted that when accessing these services from within the network you cannot reference the Public IP/Public Port, but rather you must use the Private IP/Private Port. Thus, "http://10.0.1.201:80/" in the above example.
    b Limits and Options
    There is a maximum of 20 Port Mapping entries that can be made in an Apple base station configuration. If you use an AirPort Extreme or AirPort Express base station there is an option which can be helpful in the case where you need many ports opened to a single computer. This is the "Default Host" option. When using this it is not necessary to use Port Mapping at all as all ports will be opened to the specified "Default Host". This is found in "Base Station Options". The default IP address for the "Default Host" is 10.0.1.253. You may change this IP address. The target computer must be Manually configured as specified above with the same IP address. Since all ports are now open to this computer, you should enable and configure the Mac OS X firewall on the default host computer to protect it from intruders.
    b Useful Related Links
    <a href="http://docs.info.apple.com/article.html?artnum=52002>"Designing AirPort Extreme Networks: Manuals</a>
    "Well Known" TCP and UDP Ports Used By Apple Software Products
    IANA Port Number Assignments

  • Cisco ASA 5505 - Port Mapping

    Hi, I'm new into IT and I was wondering if somebody could help me set up Port Mapping. Here's my scenario - 
    We have set up an Asterisk VoIP server that uses UDP port 5060 and another port range, and we want any public incoming connections destined for our Asterisk server on Port 5099 to be translated at the firewall to go to our Asterisk server on port 5060. I have been using ASDM 6.4 but theres no easy way to do this (as far as I know, and why I've came here looking for an answer).
    We have currently just left port 5060 open to the public (so our home workers can use our phone system) but really want to get this sorted ASAP due to SIP Bots that look for ports like 5060 that are open!!
    Any help would be greatly appreciated and if anybody needs anymore information just ask!!

    Hi,
    You need to have a NAT rule set for port-forwarding to make as per your requirement..... I will give you cli based configuration example....
    If your ASA is running with pre-8.3 version:
    static (inside,outside) tcp interface 5099 192.168.1.10 5060 netmask 255.255.255.255
    If your ASA is running with post-8.3 version:
    object network SERVER-01
    host 192.168.1.10
    object network SERVER-01
    nat (Inside,Outside) static interface service tcp 5099 5060
    Regards
    Karthik

  • Airport Extreme v7.3.3 Port Mapping Port 80

    I have a DVR in my home which is connected to my home network. It has a static IP address. I would like to be able to utilize its mobile app from any mobile/cellular network. The manufacturer of my DVR tells me that I need to open up Port 80 on my router, which is an Airport Extreme running v7.3.3.
    I have tried looking up solutions and have found similar results but nothing for the AirPort running v7.x.x. Everything I have found is for version v6.x.x or v5.x.x.
    I have tried using the following examples with no success, which may be fault on my part, as well as the document:
    AirPort - Port Mapping Basics using AirPort Utility v6.x
    http://portforward.com/english/routers/port_forwarding/Apple/AirPortExtreme/defa ultguide.htm
    Re: How do I open ports on my airport extreme and assign a fixed IP Address for a device connected to my network?
    Any further advice would be welcome. Thank you. I will gladly provide further details upon request/as needed.

    I have tried looking up solutions and have found similar results but nothing for the AirPort running v7.x.x. Everything I have found is for version v6.x.x or v5.x.x.
    Unfortunately, you have the firmware version of the AirPort mixed up with the software version of AirPort Utility, the application used to setup and administer the AirPort router.
    Your AirPort was setup using software either by AirPort Utility 6.x...or....an iPad or iPhone running the iOS version of AirPort Utility. Either of those applications will allow you to set up port mapping......IF.....the AirPort is setup as the main router on your network. 
    Or, in other words....you do not have the AirPort connected to another modem/router on the network.
    Now might be a very good time to confirm on the make and model number of the device that you call your "modem", since that will dictate the next move as far as setting up ports.

  • NAT configuration and Port Mapping for xBox

    I'm looking for help with port mapping to open up the NAT for an xBox One. I'm working with the following network devices:
    xBox One
    DSL Modem: Embarq (ZyXEL) 660R series
    Airport Extreme version 7.7.3
    I understand the following from researching the issue:
    The default settings for both devices block the ports needed for xBox Live.
    Airport Extremes are not on the compatible list for xBox.
    Port Mapping is better then creating a DMZ for the xBox.
    The xBox needs its own manually set IP address.
    I switched my Network>Router Mode from Off (Bridge Mode) to DHCP and NAT. I then created a DHCP Reservation and the Port Settings for that IP.
    After doing this, the Airport would restart and display a warning - Double NAT. I figured this was because the 660 settings showed the NAT Mode to be SUA Only. The Edit Details link displayed an empty table where you edited the SUA/NAT Server Set. I switched from NAT Mode>SUA Only to None. So there was my Double NAT and I would have thought that would have removed one.
    I also disabled the Firewall and Enabled the UPnP.
    After restarts the Airport continued to display the Double NAT error. However, with the 660's NAT Mode set to None, the Internet was not there. Web browsers and email accounts replied with server not found.
    Only with the 660 set to SUA Only and the Airport in Bridge Mode is the Internet accessible. I now have the details for the SUA filled out for the xBox's IP address and ports.
    Hypothesis
    Since both devices are acting as DHCP servers the port mapping is not working. Rather then have the 660 distribute IP addresses and then having the Airport distribute another range of numbers, I need to have both devices bridge and distribute one range of numbers. Currently the 660 is using the 192.168 range and the Airport is using the 10.0 range.
    Am I correct? Any thoughts and suggestions are welcome.

    Port forwarding through a double NAT.. is near impossible.. !!
    And the xbox is so attuned to using UPNP it is very hard not to.. even port mapping is not a great fix. Since apple decided gamers did not count as users for Airports.. I think honestly it is best to bypass the airport and stick to upnp from the modem router.
    What method of authentication does your ISP use? Because it is really better to use one router.
    And in fact the router should be the Zyxel. If you plug the Xbox to the Zyxel running in full router mode, with the airport removed from the network does it work and open NAT??
    If not replace the Zyxel with a modern listed router that is xbox compatible and bridge the airport to it.

Maybe you are looking for