| pinhole vs setting up dynamic DNS I posted a question about setting up a pinhole after a changeover
from DSL to Uverse and got the following from DavidG:
just use a dynamic dns service, there are several out there, to point
to your catalog. then set you link on the web page to point to the
page name. say you name it banderalib.dyndns.org, you would
change the link on your main page from »70.128.153.246/cataloging
/servle···y+Search to »banderlib.dyndns.org/cataloging/···y+Search
you run a client on your machine or router, and the link is always
updated without you having to do anything.
I now know the new (supposedly temporary) IP address for the new
uverse router. It is 99.66.110.99. If I enter this on the browser
address line (or in trying to click through to the catalog server on
our web site,) IE comes up with a warning and this line:
There is a problem with this website's security certificate.
plus ways to navigate to the site anyway. So if I set up a dynamic
dns like DavidG suggests it will not get me to the catalog like the
pinhole did that he helped me set up. And I really would not like
to set it up with this fixed IP address anyway.
The new router is a Ubiquity Air Router. I've got the manual
and they have port forwarding capability and call it a "tunnel."
I've tried some things, that haven't worked. If I could get this
working, I would be happy to change the IP address whenever it
changes (probably rarely if ever.)
So could someone who knows either how to use dynamic
dns as an address for the catalog or how to set up the
port forwarding on the Ubiquity Air Router please help.
The web site is this:
»banderalibrary.org
The online catalog link that used to work with the Netopia
pinhole is near the bottom of the page.
Thanks for any help!
Ken Rogers |
|
 davidgGood Bye My FriendPremium,MVM
join:2002-06-15
none | you will still have to forward the port 80 from the wan side of the router to the machine with the catalog. i have no experience with this new one, but basically you are looking for how to either change the built in Web interface to something like port 8080 and then forward port 80 to the catalog or to set your dyndns service to point to port 8080 adn forward that to the catalog. sorry, i should have included in the previous answer but some some reason i just assumed you knew this still had to happen.
--
Lack of Preparation on YOUR Part does NOT Constitute an Emergency on Mine! |
|
 wayjacPremium,MVM
join:2001-12-22
Indy | reply to kenrogers4
said by kenrogers4:I posted a question about setting up a pinhole after a changeover from DSL to Uverse What is the make and model number of the modem used with the uverse internet |
|
| It's a Motorola 2210-02 |
|
| reply to davidg
Hi DavidG:
I'm working on putting together a what-if plan. I think I can do the tunnel on the AirOS Router like we did on the Netopia. I'll bounce it off you when I get my homework done....Ken |
|
|
|
wayjacPremium,MVM
join:2001-12-22
Indy | reply to kenrogers33
The uverse internet uses the motorola 2210-02-1att modem
said by kenrogers33:If I enter this on the browser
address line (or in trying to click through to the catalog server on
our web site,) IE comes up with a warning and this line:
There is a problem with this website's security certificate If this is the page you see
That page is displayed because you have not forwarded port 80 to the computer that has the content you want to serve
Right now port 80 is directed to the ubiquity air router
After you set up the port fowarding on the ubiquity air router clicking the link will display the proper content
Doing this is much easier than setting up the dynamic
dns client that you don't need because the uverse internet public ip address is just like having a static public ip address |
|
| Thanks for the help! That modem/router combination was kind of flaky. We kept losing service and had to reset the modem to
re-establish service many times! So we complained to ATT and they sent a new modem/router: a Motorola NVG510. I got it
installed yesterday and it seems to work just fine! Funny, I didn't even have to go through the registration steps...as
if it picked up our data from our previous connection somehow.
Anyway with the NVG510, it seems that setting up the portforwarding or pinhole will be easier. I could just hackaway and
try some things but I thought I'd ask you experts a few questions.
The figure above is from the NVG510 control. It is a selection page for a custom service, which for the library will be
the Destiny Catalog on our internal server. With the netopia 2246 we used port 80 for our catalog service and reset the
nominal port to 8080. Here it is wanting a "Global Port Range" and a "Base Host Port". My guess is that I use 80 for
the Base Host Port but what do I put for the Global Port Range? 8080 to 8080? (Allowable is 1 to 65535!)
That takes us to the next figure. In this one I will have added the catalog server with a label and enter the correct
IP address for the "Needed by Device" entry. When these steps are done, the catalog, seemingly, will work. Seems pretty
clear.
Or am I missing something?
And what about security? Should I do anything special to avoid a hacker getting control of our server somehow?
I would sure appreciate help with these two issues: "global port range" and "security adequacy." Any additional comments
to make all of this more understandable would be appreciated also!
Thanks!
Ken Rogers |
|
wayjacPremium,MVM
join:2001-12-22
Indy | said by kenrogers4:With the netopia 2246 we used port 80 for our catalog service and reset the
nominal port to 8080. Here it is wanting a "Global Port Range" and a "Base Host Port" The global port range refers to the internet port number
The base host port refers to the port number used on the lan
If the destiny catalog server is using port 8080 and the internet port is 80
The global port would be 80
The base host port would be 8080
If the destiny catalog server is using port 80 and the internet port is 80
The global port would be 80
The base host port would be 80said by kenrogers4:And what about security? Should I do anything special to avoid a hacker getting control of our server somehow? The security is the same as it was with the 2246 |
|
| Thanks for the quick reply! With the 2246, the nominal port in use was 80 and I changed it to 8080. Then I made port 80 the one to
use with the catalog server within the library. So from what you say
I would leave the base port as 80 and designate 80 to 80 as the
global port range. Correct?
Thanks again, Ken |
|
wayjacPremium,MVM
join:2001-12-22
Indy | said by kenrogers4:With the 2246, the nominal port in use was 80 and I changed it to 8080 I'm unfamiliar with how you use the term "nominal" does it refer to the port number used by the internal server?
If I don't know your definition of the terms you use I can't provide good answers
The global port number refers to the port number used on the internet
The base host port number can be the same as the global port number unless the internal server is configured to use a different port number |
|
| Sorry about the confusion. I think my "nominal" equates to "external internet." Trouble is I know enough to be dangerous. When setting up the pinhole on the 2246 (or later 2247) I first changed the port from 80 to 8080 but left the catalog server access to port 80. Why that first change was necessary, I don't really know or how it is related to this Global Port Range (GPR) setting. Anyway, it worked and our catalog was available from outside the library. That's what I'm trying to accomplish now. Maybe I'll try both: GPR 8080 to 8080 and GPR 80 to 80. Then see if either or both work. Maybe GPR as 80 to 8080 is the correct choice. But that would seem to open the system up to security hazards.
Thanks again, Ken Rogers |
|
wayjacPremium,MVM
join:2001-12-22
Indy | said by kenrogers33:I think my "nominal" equates to "external internet." This clears this up for me
"external internet." is the global port range
The server is listening to a certain port number most likely 80 unless you have changed the port number
All web browsers use port 80 for http by default unless the user appends a port number to the url.....so if your catalog server is set to port 80
The global port is 80 and the base host port is aslo 80
The global port has two fields so a range of port numbers can be specified when only one number is needed the second field can be left blank....unless the router complains
Also when the global and base port numbers are the same you may be able to leave the base field blank ....unless the router complains |
|
| Thanks for the help! I did try the things discussed above without success. But I was hurrying and may have goofed up. Will keep trying. Ken |
|
| Got it working! Have the global range set as 80 to 80. Everything as we've discussed. Thank you, thank you, wayjac and davidg for this and past help!!!
Ken Rogers |
|
| One final question, wayjac or davidg. Is the security for this setup as good as it was before with the Netopia? Ken |
|
wayjacPremium,MVM
join:2001-12-22
Indy | said by kenrogers4:Is the security for this setup as good as it was before with the Netopia? I think the security for the nvg510 is just as good as the netopia's security
Did you know that motorola owns the netopia brand |
|
| Yep, but you sure can't tell it from the control pages: Netopia 2246 and 2247 utterly different from either M 2210 or 510. Different worlds...I doubt the designers talk to each other. |
|
| A puzzle: With the Netopias we could access the catalog from within the library. Now with the NVG510 we can access the catalog from outside the library (i.e., from home) but not from within the library. This made me think I had failed to get it working initially! But when I went home and, on a whim, tried it, it was working!!! Elated, you bet, but puzzled. Makes testing more difficult because I have to go home or have a cohort test from their home if I try something new. Any ideas as to why? Thanks, Ken |
|
wayjacPremium,MVM
join:2001-12-22
Indy | said by kenrogers4:Now with the NVG510 we can access the catalog from outside the library (i.e., from home) but not from within the library It's very normal to not be able to access "services" on your lan by using your public ip address when using att issued equipment |
|
| Back at the start of this sequence I asked about problems with dynamic IP addresses. Now we have gone through several modem/router combinations and I have a form of pinhole working with a fixed IP address.
At zerigo.com I established a free domain, bandlibcat.org, for the purpose of dynamically determining the IP address when it changes (even if rarely) so I don't have to go in and edit the web site when it changes. What I have on our website is an entry like this:
»{IP address}/...etc.
What I want is this:
»bandlibcat.org/...etc.
If the dynamic domain will get the current IP address (from ATT servers with the info) and substitute it, everything will be working like I want it to. When I tried to go about using ATT servers, to get the current IP address to use in the new dynamic domain, I couldn't get anywhere. I got on a chat with ATT tech support and they were no help at all. I sent zerigo support an email stating the question as above with no answer. Can anyone here, wayjac or davidg, please give me a clue as to how to do this?
Thanks, Ken |
|
