FANDOM


How to portmap Edit

[[HostMapping]]

  • For this you will need to use the Port Mapping feature which is accessable from WiaNa.
  • You will also need to know the port that the program is using i.e. port21 default for FTP server.
  • You will then need to openthis port on your router/firewall or forward it to the MeshAP IP.
  • You now need to login to WiaNa and select the MeshAP node that you are using.
  • At the bottom of the Firewall settings check Same Clients firewalled NO, Select Manage Node and scroll down to the Port Mapping Settings.
  • Set Mesh Port Mappings to YES.
  • Add the eth0 port no: the nodes local IP: the port again So it will look like this : eth0:21 192.168.0.XX:21
  • Now press Make changes and when the node reboots you should have access to the FTP server or your streaming audio/video will be accessable from the net.

Opening port on meshbox Edit

  • If you are logged on to a meshbox as a wireless client for example on a RepeaterNode node and your camera and GatewayNotes meshbox have ethernet ip addresses in the 192.168.1.x range (and are on the same lan) then it is likely that the problem is that the 192.168.1.x SubNet appears by default on the ethernet port of every wireless meshbox.
  • Change the Wired Local parameter in the core settings menu to another SubNet range for each RepeaterNode that would be between you and the gateway.
  • For example set one of them to 192.168.4.2 and another to 192.168.5.2
  • This means that the meshbox you are on can find the 192.168.1.x address (which as on the gateway lan segment) and it doesn't get diverted to the local lan segment of any meshboxes it passes through.
  • The is the most likely answer as the meshbox doesn't block any outgoing ports (other than those in the firewalling menu) for authenticated users.


back to http://scratchpad.wikia.com/wiki/Sasecurity TableOfContents

How to portmap Edit

* http://www.wifi-base.com/content/view/35/1/
* How to Port Map Thru MeshAP

Running a FTP server or video streaming

* For this you will need to use the Port Mapping feature which is accessable from WiaNa.
* You will also need to know the port that the program is using i.e. port21 default for FTP server.
* You will then need to openthis port on your router/firewall or forward it to the MeshAP IP.
* You now need to login to WiaNa and select the MeshAP node that you are using.
* At the bottom of the Firewall settings check Same Clients firewalled NO, Select Manage Node and scroll down to the Port Mapping Settings.
* Set Mesh Port Mappings to YES.
* Add the eth0 port no: the nodes local IP: the port again So it will look like this : eth0:21 192.168.0.XX:21
* Now press Make changes and when the node reboots you should have access to the FTP server or your streaming audio/video will be accessable from the net.

Portmapping a camera Edit

["Port forwarding with a camera"] , PortForwardWebCam


Forwarding ports and nat Edit

{{{ The 172 address is the mesh tunel address between the two nodes. You may need to port foward ether arange of ports or a signal port for the customer. see the wiki. http://www.locustworld.com/tracker/wiki?p=UsingPortMappings I have a customer that wants to play a legacy game that can't seem to successfully navigate the mesh. So my question is, how do I assign certain ports to come only to this customer. I have tried various FORWARD, PREROUTING, and POSTROUTING rules with iptables with no success. This client is attached on wlan0 to a node that then connects on wlan0 with the gateway node which is attached to a T1 router on the eth0 interface. The gateway node has an external IP of 216.212.??.??? The gateway is known on the mesh as 1.60.???.?? The node (Node1) that the client attaches to is known as 1.46.???.??? The client's IP is 192.168.141.240 Now when I trace a route OUT from the client's PC, it goes first to Node1 (192.168.141.1) and then from there to the gateway node that shows up as "172.16.141.1", and then out to the T1 router. I'm not sure where that 172.16.141.1 number comes from.. I've not seen it in any of the node configurations, and I was not using it in any of my iptables rules attempts. }}}


Portmapping as described on Locustworld Edit

{{{ >I know this is in the Wiki - but for some reason it's not working for > me :) > > I am trying to help a client map out IP cameras from a particular IP. > What is desired is to have one static (real-world) IP with multiple > ports, each redirected to a different camera. So typing > http://1.2.3.4:1001/ will get one camera, while http://1.2.3.4:1002/ will > get another camera. > > Has anyone successfully done something like this, and if so, how?? > Using the directions on the Wiki doesn't seem to work.

Ticket 61: Port mapping broken for routable IP's through gateway node

   Following the exact wiki instructions for port mapping as per Jon, this function appears to work only if the gateway eth0 is set to a non-routable (192.168.x.x) address. If the eth0 is set to a static routable address (e.g. 24.20.x.x.)or has received one via dhcp, it will not pass the port.
   This is a serious problem for us, because it prevents multiple network cams being visible via the gateway. Host mapping only allows one camera at a time to be made visible via the gateway.
   Possibly related, test daemons that we loaded on the gateway and that have open ports, also cannot be seen outside the gateway. This is unaffected by any test iptables settings.

[Append remarks] Remarks:

   You can try redirecting to the remote endpoints of the tun interface, for example 192.168.CELLID.2 for at the gateway node (replacing cellid with the node cell id) and then putting the remote port map on the tun: interface. Assuming you are redirecting external public internet access to a specific port on a remote client on a remote node of the mesh. Make sure to be running the latest build25 release to ensure you have all bugfixes required.

Properties:

   Type:       code                    Version:        1241
   Status:     review                  Created:        2004-Jan-25 18:10
   Severity:   1                       Last Change:    2004-Dec-16 18:08
   Priority:   2                       Subsystem:
   Assigned To:                                Derived From:
   Creator:    anonymous

}}}


Forwarding on satelite links Edit

This is what I expected. We already port forward on the Arc to enable us to ssh remotely into meshes other than Kirby Hill. I'll let you know how we get on. Straightforwardish - you can't do host mapping to the internet sensibly with an Aramiska connection, as you only have one IP address to play with. What you can do is port mapping (which was why I asked about the usage requirements). What I would suggest you do is to map a random port (eg 8022) to them as the port to use to ssh in. On the Aramiska box you forward port 8022 to port 8022 on your gateway meshbox. You then forward port 8022 on the gateway meshbox to 8022 on the client meshbox. On the client meshbox you forward port 8022 to port 22 on the IP address of the server.

You can do the same with port 8080, except that assuming you aren't using it anywhere else, you can simply use that port all the way through.

An alternative would be to use host mapping to map the server to an address on your Aramiska LAN - eg 192.168.1.240. However, you still have to forward the ports on the Arc to that IP address. l

TCPDUMP and port forwarding Edit

I have a client on my mesh with an IP camera which we have managed to set >up port forwarding to so far, and when users as far as other nodes on the >mesh access the camera (on port 999) via 213.xxx.xxx.xxx:999 i.e. the aramiska >address + port, they can get in - however nobody on the other side of our >aramiska dish can. What's the problem? and will our forthcoming ADSL line >fix it? >

Have you set up port forwarding on the Aramiska box to go to the correct port? If you do tcpdump -n -i eth0 port 999 do you see the traffic coming in when you try to connect to it from outside?


adfaf asdf as asfasdf Edit

Use an entry like aaa.bbb.ccc.ddd xxx 192.168.yyy.240

aaa.bbb.ccc.ddd is your realworld StaticIp address xxx is the PRIMARY cell id of your RepeaterNode 192.168.yyy.240 is the StaticIp address of your server on the repeater.

yyy will be the same as xxx if the server is plugged into the ethernet port of the meshbox. It will also be the same if the server is on wlan0. If the meshbox is a dual-radio meshbox and the server is on wlan1, then yyy will be the SECONDARY CellId of the RepeaterNode

xxx will always be the PRIMARY CellId though, no matter if it is wlan0 or wlan1 or eth0.

Does that make sense? If not I'll try to explain it better with multiple scenarios spelled out exactly.

For a number of years we had servers connected to the gateway hub and had no problems accessing them Now we need to have servers on non gateway Mesh AP is there a way of doing this using the WiaNa management interface only?

I have given each Mesh AP a unique number (xx) which I use in Core Settings / Wired Local 192.168.: xx.2 The server/s (a Mac Mini at the moment) is on a Fixed IP 192.168.xx.240 connected to the same hub as the Mesh AP I have furtled about with the Port mapping settings ( set to yes) eg Spec 1: br:80 192.168.3.240:80 Spec 2: wlan:80 192.168.3.240:80 ~ ~ using this directs all wifi traffic on this AP to the server irrespective of URl called Spec 3 ???

Both wired and WiFi can use the smtp server on 192.168.3.240 I can use the server locally but cannot see it from any other Mesh AP As you can see my level of incompetence has been exceeded and would appreciate any guidance I have tried the settings given a posts last year but they do not work for us has anyone else got this working

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.