UTorrent, Internet Sharing and Port Forwarding: Horrid Trifecta

Similar Messages

• Are "Back to my MAC" and "Port Forwarding" mutually exclusive?

  I have been using APExtreme and Port Forwarding successfully for several weeks now. The PF is to allow access to game players on a PC which acts as a server on the web. All Good.
  One more thing, I have a ISP provided wireless modem/router to talk to the cable and the world. It seems to work either bridged or un-bridged.
  I have disabled the wireless on the ISP's modem/router. (Actually the ISP's device doesn't hold a candle to the APE.)
  Still all good.
  So the firewall is on in the APExtreme and none on the modem router, and I have a port defined for my gamers to get access to my server in the APExtreme.
  I now want to implement Back to my MAC on my MBP and my other Apple devices. I believe these use iCloud for which I have an account and it seems to be working well with my iPhone.
  In Properties, when I select BtmM, iCloud says communications will be slow if I have port forwarding on. Also I will not be able to use the router function in my Modem/router.
  I'd really like to have the modem/router firewall up, and do the port forwarding there, but the BtmM will likely not get through.
  So what does anyone suggest?
  Can I use BtmM and port forwarding without too much degradation?
  Please advise.
  Thanks
  Barry

  To best answer your question on whether the two are "mutually exclusive," let take a look at how Back to My Mac (BTMM) basically works.
  BTMM - General Requirements
  OS X Leopard 10.7.3+
  Active iCloud account. Each Mac & the AirPort router, that will be relying on BTMM, needs to be configured with the same account.
  A publicly reachable IP address for your router.
  A router that supports either NAT-PMP or UPnP. For AirPorts, be sure it is running 7.6.1+ firmware.
  BTMM uses TCP port 5354 and UDP ports 4500 & 5353 for communications.
  BTMM - Basic Communication Flow
  For a computer connected to the Internet via a router, BTMM "asks" the router for its configuration information. For a router, like your AirPort, that uses NAT-PMP, BTMM will ask the router to assign arbitrary public ports. In turn, the router will provide these port assignments (& the router's Public IP address) back to BTMM.
  BTMM then sends this information to the iCloud account. In background iCloud updates a special set of DNS entries to be used by BTMM. These entries are then made available to all BTMM clients using your iCloud account. When a computer, with BTMM enabled, uses your iCloud credentials, it automatically retrieves a list of all other computers/routers that are registered with the same account. All these devices should then appear under the SHARED section of the Finder.
  When attempting to connect to a remote computer (or router), BTMM creates a secure connection to that remote device using the information from the iCloud account.
  Once the connection is established, the devices can then communicate with each other.
  So potentially, unless you are using Port Mapping for any of the ports BTMM uses, they should not conflict.

• How to use internet sharing and airtunes?

  Question? how to use internet sharing and airtunes?
  OK I have following working separate situations.
  1. I can share my internet connection : is a router to ethernet cable into mac. Then over airport built in to my iMac ....... to other wireless computers, iphone etc...works fine.
  2. the I have a air port express that is only used for air tunes. I guess i had create a separate network for that. can select that in iTunes. Works.
  problem is can not use both at the same time!
  OK so Now I would like to combine the two; share the ethernet over airport on mac and send music to air port express....
  the main reason for this is cause I now have an iPhone and want to use the internet and the remote app to control iTunes from all over the house.
  I have not the first idea where to start.
  Any hints or tips will be greatly appreciated.

  The airport express is a router. And, only one router can be used to obtain an IP address. So in your airport express configuration set it so it does not obtain an IP address.

• Internet Sharing and AirTunes at the Same Time?

  I've seen similar posts on this question, but none exactly on. I think I have a fairly basic situation.
  I'm using my G5 as a base station to broadcast Airtunes to another room. G5 is connected to the Internet via cable modem. Using Airport Express as receiver.
  Now, I just bought a powerbook and want to use the G5 for wireless internet access by the PB. But when I turn on internet sharing on the G5, it seems to cut off/shut down the airtunes network. Airport icon looks quite different. Conversely, when I get the airtunes working, the sharing can't be turned on.
  Anyway to sort this out so that I can run both at the same time?
  thanks
  G5   Mac OS X (10.4.8)  

  I believe, in theory, you should be able to do this. I am assuming from your description the G5 is connected, via Ethernet, to the cable modem and you want to use Internet Sharing to use it's wireless to commuicate with both the AX and the PowerBook. I think if you set up Internet Sharing and add the AX as a "wireless client" this may just work.
  Let's double-check your settings...
  To setup for Internet Sharing (Wired to Wireless):
  Enable Software Firewall
  System Preferences > Sharing > Firewall
  - Click Stop to start the software firewall
  Setup the Network
  Cable Modem > (Ethernet cable) > [Ethernet port] Mac_#1 > (wireless) > Mac_#2
  Setup Port Order
  System Preferences > Network > Show > Network Port Configurations
  - Verify that "AirPort" and "Built-In Ethernet" are enabled.
  - Verify that "Built-In Ethernet" is at the top of the list, followed by "AirPort".
  - Click "Apply Now."
  Configure the Internet Connection
  System Preferences > Network > Show > Built-In Ethernet > TCP/IP
  - Configure IPv4: Using DHCP
  - Configure IPv6: Automatically or Off
  Enable Internet Sharing
  System Preferences > Sharing > Internet
  - Share your connection from: Built-in Ethernet
  - To computers using: AirPort (checked) (Note: Uncheck all other entries in the list.)
  - AirPort Options
  -- Network Name: <anything you want>
  -- Channel: Automatic
  -- Enable encryption (using WEP) (optional)
  -- Password: (optional)
  -- Confirm Password: (optional)
  -- WEP Key Length: (optional)
  -- Click OK
  - Click Start
  To set up AirTunes on the AirPort Express Base Station (AX), using the AirPort Admin Utility, connect your computer directly (using an Ethernet cable) to the Ethernet port of the AX, and then, try these settings:
  AirPort tab
  - Base Station Name: <whatever you wish or use the default>
  - Wireless Mode: Join an Existing Wireless Network (Wireless Client)
  - Wireless Network: <select the Internet Sharing wireless network>
  Music tab
  - Enable AirTunes on this base station (checked)
  - Enable AirTunes over the Ethernet port (optional)
  - iTunes Speaker Name: <whatever you wish>
  - iTunes Speaker Password (optional)
  In iTunes:
  iTunes > Preferences... > Advanced > General
  - Look for remote speakers connected with AirTunes (checked)

• Xbox 360/one problem and port forwarding

  For a couple months now (since I got my AirPort Extreme) I have not been able to connect to a certain friend on xbox. I can connect to anybody else however. The only way we can (kind of) connect is if somebody else is host and we both connect to him.
  My NAT type is Moderate. When I try to test my connection on my xbox it says that I can connect but I am limited in matchmaking (this is joining games and using voice chat, which is the problem named above for my particular friend). The xbox shows the error and suggests that I enable UPnP or open the port 3074.
  The problem is that I have already have! I gave my xbox a static IP and forwarded the port 3074 to that IP.
  (I have also tried forwarding all the ports that xbox live uses to the xbox. These being:
  Port 88 (UDP)
  Port 3074 (UDP and TCP)
  Port 53 (UDP and TCP)
  Port 80 (TCP)
  as found on the xbox website...  https://support.xbox.com/en-US/xbox-360/networking/network-ports-used-xbox-live
  I made sure to put them in the right text boxes for UDP and TCP so that is not the problem either.)
  I know that the AirPort Extreme does not support UPnP but does have a similar thing called NAT Port Mapping Protocol which was already enabled. (I tried all possibilities of enabling/disabling NAT...Protocol and port forwarding/not port forwarding.)  ---  This is not the solution as I see it
  In short: My xbox tells me to open port 3074. I already have. It still tells me to open it and still won't work.
  I posted this on the apple discussion page (instead of the xbox discussion page) because I know that it's not an xbox problem. When I had my old linksys router it worked perfectly.

  I have this exact same question and problem.  I know this doesn't help, but would appreciate any updated information if you find an answer.  I'll keep working on this also and let you know if I find an anwer.

• Internet Sharing and machinename.local

  Hi! I've recently set up my Mac mini (10.4.6) to run Internet Sharing, and ethernet connections to any laptop I connect works beautifully. (For exactly what I did to get this set up, visit http://www.aleph0.com/computing/macosx/dhcp-setup/ , but nothing there is really beyond the basics you might expect.)
  One tiny feature I don't have working is the ability to connect the "internal" computer and the mini using aliases---only IPs are possible. For instance, the "Sharing" panel suggests other computers can connect to the mini as "natalie.local"; similarly, when I connect a Windows laptop named "will" to the mini, /var/db/dhcpd_leases even shows it's connected as will---but I can't connect from one to the other using those names. (i.e., via http---both are running web servers---or via sftp---both are running sshs as well), while connecting with the numerical IPs works fine.
  So after that ramble, I wouldn't be surprised if "natalie.local" is really only suppose to work with AFP, and will with SMB, but thought I'd ask for suggestions. I've considered playing with DNS on OS X to work on such a possibility, but I thought I'd ask first....
  Thanks for any pointers!
  CDJ
  Mac mini (Original)   Mac OS X (10.4.6)   Running Internet Sharing (connected to Internet via AirPort, "internal" via ethernet)

  Otherwise run your own dns server on your LAN.
  This is what I expected to have to do on the mini---I have a DNS server, but the mini with Internet Sharing doesn't send any information to it; that's what I'd like to figure out how to do. Perhaps stepping back and stating the basics of what I'd like would help:
  I have a mini running 10.4.6 (natalie), connected (via the rest of my home LAN) to the Internet via AirPort, and the ethernet jack is unused. I'd like to connect a laptop (will) (that uses DHCP, but OS- and software-unspecified) via ethernet to the mini, access the Internet, and allow the two machines to address one another as "natalie" and "will" (or "natalie.local" and "will.local", etc.) for TCP/IP commands, instead of "192.168.2.1" and whatever address is assigned to will. This works after installing Bonjour on will, but I'd like to not have to install Bonjour on the laptop (specifically, I'd like to connect any random laptop that can use DHCP).
  Am I wrong in thinking there should be a way for natalie to "take over" this portion of the DNS, or at least update my LAN's DNS server so that the process is still seamless for will?
  Thanks again,
  CDJ

• Howto: Zones in private subnets using ipfilter's NAT and Port forwarding

  This setup supports the following features:
  * Requires 1 Network interface total.
  * Supports 1 or more public ips.
  * Allows Zone to Zone private network traffic.
  * Allows internet access from the global zones.
  * Allows direct (via ipfilter) internet access to ports in non-global zones.
  (change networks to suit your needs, the number of public and private ip was lowered to simplify this doc)
  Network setup:
  iprb0 65.38.103.1/24
  defaultrouter 65.38.103.254
  iprb0:1 192.168.1.1/24 (in global zone)
  Create a zone on iprb0 with an ip of 192.168.1.2
  ### Example /etc/ipf/ipnat.conf
  # forward from a public port to a private zone port
  rdr iprb0 65.38.103.1/32 port 2222 -> 192.168.1.2 port 22
  # force outbound zone traffic thru a certain ip address
  # required for mail servers because of reverse lookup
  map iprb0 192.168.1.2/32 -> 65.38.103.1/32 proxy port ftp ftp/tcp
  map iprb0 192.168.1.2/32 -> 65.38.103.1/32 portmap tcp/udp auto
  map iprb0 192.168.1.2/32 -> 65.38.103.1
  # allow any 192.168.1.x zone to use the internet
  map iprb0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp
  map iprb0 192.168.1.0/24 -> 0/32 portmap tcp/udp auto
  map iprb0 192.168.1.0/24 -> 0/32For testing purposes you can leave /etc/ipf/ipf.conf empty.
  Be aware the you must "svcadm disable ipfilter; svcadm enable ipfilter" to reload rules and the rules stay loaded if they are just disabled(bug).
  Zones can't modify their routes and inherit the default routes of the global zone. Because of this we have to trick the non-global zones into using a router that doesn't exist.
  Create /etc/init.d/zone_route_hack
  Link this file to /etc/rc3.d/S99zone_route_hack.
  #/bin/sh
  # based on information found at
  # http://blogs.sun.com/roller/page/edp?entry=using_branded_zones_on_a
  # http://forum.sun.com/jive/thread.jspa?threadID=75669&messageID=275741
  fake_router=192.168.1.254
  public_net=65.38.103.0
  router=`netstat -rn | grep default | grep -v " $fake_router " | nawk '{print $2}'`
  # send some data to the real network router so we look up it's arp address
  ping -sn $router 1 1 >/dev/null
  # record the arp address of the real router
  router_arp=`arp $router | nawk '{print $4}'`
  # delete any existing arp address entry for our fake private subnet router
  arp -d $fake_router >/dev/null
  # assign the real routers arp address to our fake private subnet router
  arp -s $fake_router $router_arp
  # route our private subnet through our fake private subnet router
  route add default $fake_router
  # Can't create this route until the zone/interface are loaded
  # Adjust this based on your hardware and number of zones
  sleep 300
  # Duplicate this line for every non-global zone with a private ip that
  # will have ipfilter rdr (redirects) pointing to it
  route add -net $public_net 192.168.1.2 -ifaceNow we have both public and private ip addresses on our one iprb0 interface. If we'd really like our private zone network to really be private we don't want any non-NAT'ed 192.168.1.x traffic leaving the interface. Since ipfilter can't block traffic between zones because they use loopbacks we can just block the 192.168.1.x traffic and the zones can still talk.
  The following /etc/ipf/ipf.conf defaults to deny.
  # ipf.conf
  # IP Filter rules to be loaded during startup
  # See ipf(4) manpage for more information on
  # IP Filter rules syntax.
  # INCOMING DEFAULT DENY
  block in all
  block return-rst in proto tcp all
  # two open ports one of which is redirected in ipnat.conf
  pass in quick on iprb0 proto tcp from any to any port = 22 flags S keep state keep frags
  pass in quick on iprb0 proto tcp from any to any port = 2222 flags S keep state keep frags
  # INCOMING PING
  pass in quick on iprb0 proto icmp from any to 65.38.103.0/24 icmp-type 8 keep state
  # INCOMING GLOBAL ZONE UNIX TRACEROUTE FIX PART 1
  #pass in quick on iprb0 proto udp from any to 65.38.103.0/24 keep state
  # OUTGOING RULES
  block out all
  # ALL INTERNAL TRAFFIC STAYS INTERNAL (Zones use non-filtered loopback)
  # remove/edit as needed to actually talk to local private physical networks
  block out quick from any to 192.168.0.0/16
  block out quick from any to 172.16.0.0/12
  block out quick from any to 10.0.0.0/8
  block out quick from any to 0.0.0.0/8
  block out quick from any to 127.0.0.0/8
  block out quick from any to 169.254.0.0/16
  block out quick from any to 192.0.2.0/24
  block out quick from any to 204.152.64.0/23
  block out quick from any to 224.0.0.0/3
  # Allow traffic out the public interface on the public address
  pass out quick on iprb0 from 65.38.103.1/32 to any flags S keep state keep frags
  # OUTGOING PING
  pass out quick on iprb0 proto icmp from 65.38.103.1/32 to any icmp-type 8 keep state
  # Allow traffic out the public interface on the private address (needs nat and router arp hack)
  pass out quick on iprb0 from 192.168.1.0/24 to any flags S keep state keep frags
  # OUTGOING PING
  pass out quick on iprb0 proto icmp from 192.168.1.0/24 to any icmp-type 8 keep state
  # INCOMING TRACEROUTE FIX PART 2
  #pass out quick on iprb0 proto icmp from 65.38.103.1/32 to any icmp-type 3 keep stateIf you want incoming and outgoing internet in your zones it is easier if you just give them public ips and setup a firewall in the global zone. If you have limited public ip address(I'm setting up a colocation 1u server) then you might take this approach. One of the best things about doing thing this way is that any software configured in the non-global zones will never be configured to listen on an ip address that might change if you change public ips.

  Instead of using the script as a legacy_run script, set it up in SMF.
  First create the file /var/svc/manifest/system/ip-route-hack.xml with
  the following
  ---Start---
  <?xml version="1.0"?>
  <!DOCTYPE service_bundle SYSTEM
  "/usr/share/lib/xml/dtd/service_bundle.dtd.1">
  <!--
  ident "@(#)ip-route-hack.xml 1.0 09/21/06"
  -->
  <service_bundle type='manifest' name='NATtrans:ip-route-hack'>
  <service
  name='system/ip-route-hack'
  type='service'
  version='1'>
  <create_default_instance enabled='true' />
  <single_instance />
  <dependency
  name='physical'
  grouping='require_all'
  type='service'
  restart_on='none'>
  <service_fmri value='svc:/network/physical:default' />
  </dependency>
  <dependency
  name='loopback'
  grouping='require_all'
  type='service'
  restart_on='none'>
  <service_fmri value='svc:/network/loopback:default' />
  </dependency>
  <exec_method
  type='method'
  name='start'
  exec='/lib/svc/method/svc-ip-route-hack start'
  timeout_seconds='0' />
  <property_group name='startd' type='framework'>
  <propval name='duration' type='astring'
  value='transient' />
  </property_group>
  <stability value='Unstable' />
  <template>
  <common_name>
  <loctext xml:lang='C'>
  Hack to allow zone to NAT translate.
  </loctext>
  </common_name>
  <documentation>
  <manpage
  title='zones'
  section='1M'
  manpath='/usr/share/man' />
  </documentation>
  </template>
  </service>
  </service_bundle>
  ---End---
  then modify /var/svc/manfiest/system/zones.xml and add the following
  dependancy
  ---Start---
  <dependency
  name='inet-ip-route-hack'
  type='service'
  grouping='require_all'
  restart_on='none'>
  <service_fmri value='svc:/system/ip-route-hack' />
  </dependency>
  ---End---
  Finally create the file /lib/svc/method/svc-ip-route-hack with the
  contents of S99zone_route_hack, minus the sleep timer (perms 0755). Run
  'svccfg import /var/svc/manifest/system/ip-route-hack.xml' and 'svccfg
  import /var/svc/manifest/system/zones.xml'.
  This will guarantee that ip-route-hack is run before zones are started,
  but after the interfaces are brought on line. It is worth noting that
  zones.xml may get overwritten during a patch, so if it suddenly stops
  working, that could be why.

• Internet Sharing and Firewall

  I am having a difficult time using internet sharing to download files and access email using Mail. I can go online with my browser, but other services like Mail and downloading files doesn't seem to work.
  I feel like this is a firewall issue. Can someone tell me how to configure my firewall settings to work better with Internet Sharing?
  I am using a G5 Mac to Internet Share to my MacBook via Airport.
  Thanks for your help.

  If you need help opening the right port in the Shaing
  Pref Pane... give a hollar.:-)
  Maybe you can help me? I tried to set up new openings in the Firewall pane, but it didn't seem to do anything. Am I in the wrong place? I did this on the mini that is doing the sharing. I selected "new..." and typed 110, 25 in the TCP field.
  (I first noticed the "browser ok / mail not ok" issue when using Parallels, and then saw the same with Mail in OS X. Connecting directly to an Airport Express works fine, so it looks like it's the sharing.)
  mini dual core, MacBook C2D   Mac OS X (10.4)  

• Powerbook G4 with 10.4.10 and port forwarding

  Hey guys, so this isn't really a problem, just more of a seeking of answers, since I fixed my own problem. Just looking for some explanations.
  So, here the story goes. I am on my mac, seeding my friend's semi-professional indie movie on bit-torrent using Transmission (an old-ish version), when I realize I need to port forward my ports for best seeding speed. Well, I port forward my ports, and then decide 30 minutes later I would re-insert the memory the Apple service guys took out of my powerbook when I got it serviced a few weeks ago (problem happened without my memory in it, so I decided it was not the memory).
  I turn back on my computer, everything appears to be good, and then I open iChat and Transmission. Neither program can connect to the internet. I was only able to connect with Xbox Live Friends, Safari (only not https sites), and itunes music store. I spend two hours uninstalling no-longer used stuff like maxtor managers, and the like. I also took out the memory I put back in the computer. (Has manufacturer installed 1gb, and I installed a 2nd 1gb chip)
  I finally have no other clue, and decide to just check every possible thing I can in activity monitor. It was then that I noticed that, without anything but activity monitor and finder open, I was sending over 50KBps, and receiving over 30! I decided, as a last resort, to turn off port forwarding, and magically, my PowerBook is working again. I was only forwarding a single port, and had the firewall was set to on.
  Anybody have any clue as to what in the world was happening? By the way, my powerbook is now sitting with Finder, Safari, iChat, and iTunes open and is sending and receiving 0 bytes per second. (although the 2nd gig isn't in yet, going to go do that! But I doubt it wont work, it worked for 6 months straight...)
  Message was edited by: Johan Henkens

  Hi Johan,
  Sometimes after changing Memory configurations you need to do a PMU reet, 4 PRAM Restets in a row, or and NVRAM reset -all.
  I always start my attempts at a resolution with Applejack...
  http://www.versiontracker.com/dyn/moreinfo/macosx/19596
  After installing, Reboot holding down CMD+s, then when the prompt shows, type in...
  applejack AUTO
  Then let it do all 5 of it's things.
  At least if it doesn't fix it, it'll eliminate a few questions.
  Besides, once you really, really need it... you can't install it!
  Check Activety Monitor for mDNSResponder, (Bonjour), it can be quite chatty, the other most common Chatty thing is a bad Routewr/Cable/what have you.

• Firewall, Internet Sharing, and Leopard

  Hi guys,
  Here is my scenario: I use my Macbook to connect to a public wifi network in my apartment complex. I use my Macbook for internet sharing (wifi to ethernet) and have a Win!@#s machine which I use for gaming hooked up to the ethernet port. In Tiger, I was allowed to let the game (World of Warcraft) through the firewall by adding the tcp ports it used. But in Leopard I am not given the option to enable certain ports, only applications. The problem is, the application actually runs on the Windows machine, so I can't just select it.
  I've been reading a bit and it appears Apple did away with the port filter method and has adopted this new application only method. I find it frustrating and the developers should have known better than to disable this feature. It has severely limited the security in the operating system and has cast away power users like myself.
  Is there anyway to work around this issue? Either with 3rd party software or some other way?
  Message was edited by: Frank Cabrera

  I agree, Apple really blew it by trying to re-invent the firewall.
  Not having the ability to open or block traffic by port and IP address was a terrible idea.
  Limiting it to Applications only makes the firewall almost useless.
  I would like this idea if I was also allowed to choose for myself.
  This is a technological step backwards!
  Many many people feel the same way and some are now relying on the still built in ipfw which is a commonly used and quite robust firewall. Unfortunately it is very difficult to configure unless you really know what you are doing. I am sure this was one of the primary reasons why Apple made this decision.
  Search around this forum for ipfw and you will find a bunch of info. Just beware it is not exactly user friendly even with some nice GUI apps that help you configure it.
  Send feedback to Apple about this or it will never get fixed.

• Help with internet cam and ports

  I have a Linksys WVC54GCA  wireless Internet cam. I have set the IP to a static address. Created a DDNs account and have the address. I can see the site/cam on any computer on my network but cant seem to get it to port forward out . Help from anyone would be great. Thanks

  That is strange, because.
  Earlier when you posted what your domain was, I went to http://network-tools.com/
  and entered that domain name, you where ping-able / traceroute-able / I could find out the correct public IP and ISP address behind that domain.
  But now, I can not see the correct IP address.
  Now I am starting to wonder about what is going on..
  I think know what was going on, why you could not connect to your self by public IP.
  Auth failed, solve that first. Then I will tell you what to do..
  That means...
  While I don't use the same DDNS provider: Make sure that, you:
  #1 Are not running any DDNS client on the computer too. That, I, suspect will cause that issue.
  Run the DDNS client either on the router (if the router supports it) or on a computer behind that router.
  #2 You enter in the correct user name and password ( "password" is not the same as "Password" )
  Message Edited by dslr595148 on 10-21-2008 03:20 PM
  If you are the original poster (OP) and your issue is solved, please remember to click the "Solution?" button so that others can more easily find it. If anyone has been helpful to you, please show your appreciation by clicking the "Kudos" button.

• WRT54G2 v1.5 and Port Forwarding.

  For some reason my WRT54G2 is not forwarding ports correctly.  I have a development server running Windows Server 2008 and IIS behind the WRT with the correct external ports forwarded to the corresponding internal ports however any outside connection to these ports times out.  To knock the firmware as being the issue out I downloaded the newest listed on the support site (1.5.00.019) and performed the 30/30/30 reset.  Still unable to see these ports open externally.  Finally out of frustration I dusted off my old router and opened up the ports to my machine and was able to hit the ports right away.  Is this an ongoing issue or anyone know of a surefire fix for this?

  Comcast (business with static IP) is the ISP.  My WAN IP is correct and I'm able to access the internet just fine on the server and wireless clients connected to it.  As far as ports open I currently have four; two of the ports are standard HTTP, one is for SSL, and one is for VPN.  All of which point to the same development server.  And as stated before I took my old router (WRT54g v2.0) and set it up with virtually the same settings and have been able to communicate with the server remotely.

• WRT54G Setting static ip and port forwarding for Xbox360

  1)This is my first post and I'm a little new at this. I have a WRT54G v5 router with the latest firmware update. I have the proper ports fowarded that I found on this site. I basically want full priority to my xbox360 because I have been having some lag issues and dropping out of rooms, especially when someone is on the computer. I set a static ip on the xbox, I just picked 192.168.1.36 (Is that an ok #?).
  2)I have everything hardwired so I disabled 'wireless access web" under administration and I also disabled "wireless network mode" under the "Wireless" section. Is this correct or ok?? I don't want my neighbors or anything wireless accessing my router, will that do the trick?
  3)I'm looking at the first page you see at the linksys config page (under setup) and I see a section that says
  Static DNS 1:xxx.xxx.xxx.xxx
  Static DNS 2:xxx.xxx.xxx.xxx
  Static DNS 3:xxx.xxx.xxx.xxx
  My question is do I need to put the static ip that I assigned to my xbox in one of these static DNS entry spots??
  4)Under: Applications & Gaming>QoS I set Ethernet port 4 (the one my xbox is on) to high priority. Is that all I need to do to get priority to the xbox over the computer? Or do I need to enter something under "Device Priority" such as device name, mac address, etc.? And do I need to enter something under "Application priority" such as: Application Name, Optimize Gaming Applications, Priority, and Speciific port #, etc.??
  5) Should I disable UPnP?
  It's kind of a lot of questions but I really want to understand this fully, any help is greatly appreciated.Thanks alot!
  Message Edited by CJ427 on 01-08-2009 10:34 AM
  Message Edited by CJ427 on 01-08-2009 10:37 AM
  Message Edited by CJ427 on 01-08-2009 10:38 AM
  Message Edited by CJ427 on 01-08-2009 10:40 AM

  If your XBOX is Wireless , then you need to login to your Router with the Default IP : 192.168.1.1 by opening up a Web Browser.
  Then change the Wireless Settings of your Router SSID , Channel : 11, Security : WEP Or WPA Persoanl.
  Click on "Applications and Gaming" tab and then click on "Port Range Forwarding" subtab...
  1) On the first line in Application box type in ABC, in the start box type in 53 and End box type in 53, leave the protocol as both and under ip address type in 192.168.1.20 and check the enable box...
  2) On the second line in Application box type in PQR, in the start box type in 3074 and End box type in 3074, leave the protocol as both and under ip address type in 192.168.1.20 and check the enable box...
  3) On the third line in Application box type in XYZ, in the start box type in 88 and End box type in 88, leave the protocol as both and under ip address type in 192.168.1.20 and check the enable box and click on Save Settings...
  4) Once you return to the set up page click on the Security tab and uncheck Block Anonymous Internet Requests and click on Save Settings...
  5) Click on set-up and change the MTU Size to 1452 and click Save Settings...
  6) Goto the XBox Network Settings and IP Address Settings and select manual IP Settings and assign the following on your Xbox
  IP Address :- 192.168.1.20, Subnet Mask :- 255.255.255.0, Default Gateway :- 192.168.1.1...
  7) Also assign the DNS Addresses on the Xbox
  Primary dns :- 4.2.2.2...Secondary dns :- 192.168.1.1..
  8) Turn off your modem, router, and Xbox...Wait for a minute...
  9) Plug the modem power first, wait for another minute and plug the router power cable, wait another minute and turn on the Xbox and test it...it will connect...

• Airport Internet Sharing and Double Nat Issue on the road

  The Airport express is a very handy little piece of hardware that is particularly easy to pack in a luggage and carry along for those of us that are spending lots of time out of the office and home.
  So here is the scenario when I travel and check in into an overseas hotel: I got two iphones, one local network, one my home network, and a Mac Book Pro, and soon, [when it finally ships], an iPad.
  That makes it at least 3 MAC addresses in one room, and if i have any visiting colleagues to pack up a presentation, I will have more.
  Usually hotels in Asia are well equipped with ethernet points in every room. The problem comes when I want to allow all my gears to connect to the internet.
  I can use the Mac Book to share its ethernet connection while tethered to the plug, which not only turns it into an unlikely desktop, but also do not champion stability when it goes in stand by or sleeps and at times it even mixes up which is the access point to the net. Therefore this does not seem to be the best solution.
  I can put the AE in bridge mode and plug it straight to the ethernet. But most hotels internet access are designed to charge per MAC address, so every time the router assigns via DHCP an IP to one of my gears it requires to accept new charges for that gear, even if they are all in the same room. This definitely does not seem right either.
  Now if I configure the AE to share a public IP address and force it to ignore the double NAT warning, the AE light turns green but the internet sharing does not seem to work at all.
  My two questions are:
  1) Why can't the AE be configured like the Mac Book to have a simple "Internet Sharing" protocol that will be always live and not going to sleep or stand by like the laptop [As the AE is design to be always online as a wireless connection].
  2) is there any way to make that "Share a public IP - *** double NAT" work?
  Any feedback is welcome.
  Thanks. M

  Hi Bob,
  thanks for your reply. Yes the only way to work it out on a typical hotel set up is to adopt the bridge mode and sometime the do waive your extra logs in. But I am not always so lucky and I often need to come up with less optimal solution.
  This is a bit disappointing when you a have a AE in your luggage and you can't use it properly.
  Yet my Mac can work the problem out effortlessly by just "Sharing a internet connection" with the only major limitation of being physically connected to the Ethernet cable.
  Why can't the Airport Express do the same thing? Basically the AE could share the internet connection like the Mac Book, i guess introducing a secondary layer of NAT after the Hotel modem/router NAT setup [which is what the MAC Book is doing].
  If AE can't do that at all then I guess soon we will just end up shelving it.
  I wonder if this is an actual hardware limitation, MAC Book can wire TCP/IP flow to different sources on a double nat and AE can't, or this is just a software limitation and Apple could fix it with a firmware upgrade.
  Any thoughts on this?

• Tarantella and Port Forwarding

  Hi,
  I just installed a Tarantella SGD EE 4.0 Server which will be
  established in a firewalled and nat environment.
  As the ports 80,443,3144 and 5307 are already captured in this
  environment there will be port forwarding as follows:
  30080 -> 80
  30443 -> 443
  33144 -> 3144
  35307 -> 5307
  When I now try to reach the Server with a browser and
  http://firewall:30080 I'll see the 'normal' screen "Welcome to Your
  Secure Global Desktop Web Server".
  Trying to login fails with no significant reason in /opt/tarntella/var/log/.
  Next what I did was to scan the machine with nmap, this is the result:
  tarantella:~ # nmap localhost
  Starting nmap 3.50 ( http://www.insecure.org/nmap/ ) at 2005-04-07 16:22
  CEST
  Interesting ports on localhost (127.0.0.1):
  (The 1650 ports scanned but not shown below are in state: closed)
  PORT STATE SERVICE
  22/tcp open ssh
  25/tcp open smtp
  80/tcp open http
  111/tcp open rpcbind
  427/tcp open svrloc
  631/tcp open ipp
  1023/tcp open netvenuechat
  5001/tcp open commplex-link
  8009/tcp open ajp13
  Nmap run completed -- 1 IP address (1 host up) scanned in 1.152 seconds
  So far, security isn't configured, so its cear, that 443 and 5307 don't
  appear, but what about 3144, why isnt't it open?
  Where do I have to check what went wrong?
  Thanks,
  Jens

  I don't think this is a Mavericks issue. Read the instructions that came with your camera. Is the camera running correctly? Is port forwarding in your router set up correctly? Does your ISP allow incomming connections to port 80? What ip address are you using from the outside world, you can't use your LAN ip address? The security/camera system must be running some type of web server to allow access. Is this running correctly? Does the camera software work with Mavericks or is it designed for older OSX versions?