When it comes to setting up a router, it will probably work right out of the box. However, if you enable sharing on your PCs and don’t take some basic precautions, everyone within wireless range will be able to access your files. (See earlier post on Securing your data – Password Protection and Encryption.) However, if you want to have access to your own files without the hassle of decrypting them, or want to share your files to devices that cannot decrypt, then you need to setup MAC Address filtering and wireless encryption. MAC Address filtering allows only devices you authorize to use your network, and encryption keeps people from reading your data over the air.
Most of the applications I will cover in this blog require some additional manipulation of advanced router settings. I am currently running a D-Link DIR-615. This is a good cheap option, but it does not enable guest services, or NAT Looping, and I cannot save the administration password (which is just an annoyance because I have to reenter it all the time). None of these are show stoppers, but they are annoying if you want to support advanced router traffic. Guest services are a feature, where the router basically broadcasts on two networks, one that is secure, and one that is open (ie: provides access to the internet, but cannot share files with computers on the secured network.) NAT Looping is where a www.domain.com redirects (loops back) to another PC (server) in my house. Without NAT Looping on the router, I am always directed to the router administration page, rather than the content requested. From outside the house it works fine. This then requires me to have two different shortcuts to my server applications, a “www.domain.com” for outside the house, and a “192.168.0.XXX” from inside the house. I used to have a D-Link DI-524 which had NAT Loopback but did not offer guest services. I have heard that many router manufacturers are discontinuing NAT Loopback for security. All of these routers are good, but if you want the best inexpensive option with everything I would get a D-Link DIR-655 although it appears to still have the inconvenience of not remembering the admin password. Or you could get it refurbished D-Link DIR-655 Refurb.
For most applications that are port specific (web server, ftp, remote desktop, etc.), static LAN IP addresses inside the house are required, along with router virtual ports. The reserved static IP address that will always be the same. This allows me to access applications from outside and inside the network through redirecting virtual ports to a specific LAN address.
I usually enable remote administration (default port 8080) on any routers that I setup. In conjunction with my No-IP Dynamic DNS service, I always have access to help people with ongoing setup, adding authorized devices, troubleshooting, and support. Always make sure to use a secure password, rather than the default when enabling remote administration.
Most of the applications I will cover in this blog require some additional manipulation of advanced router settings. I am currently running a D-Link DIR-615. This is a good cheap option, but it does not enable guest services, or NAT Looping, and I cannot save the administration password (which is just an annoyance because I have to reenter it all the time). None of these are show stoppers, but they are annoying if you want to support advanced router traffic. Guest services are a feature, where the router basically broadcasts on two networks, one that is secure, and one that is open (ie: provides access to the internet, but cannot share files with computers on the secured network.) NAT Looping is where a www.domain.com redirects (loops back) to another PC (server) in my house. Without NAT Looping on the router, I am always directed to the router administration page, rather than the content requested. From outside the house it works fine. This then requires me to have two different shortcuts to my server applications, a “www.domain.com” for outside the house, and a “192.168.0.XXX” from inside the house. I used to have a D-Link DI-524 which had NAT Loopback but did not offer guest services. I have heard that many router manufacturers are discontinuing NAT Loopback for security. All of these routers are good, but if you want the best inexpensive option with everything I would get a D-Link DIR-655 although it appears to still have the inconvenience of not remembering the admin password. Or you could get it refurbished D-Link DIR-655 Refurb.
For most applications that are port specific (web server, ftp, remote desktop, etc.), static LAN IP addresses inside the house are required, along with router virtual ports. The reserved static IP address that will always be the same. This allows me to access applications from outside and inside the network through redirecting virtual ports to a specific LAN address.
I usually enable remote administration (default port 8080) on any routers that I setup. In conjunction with my No-IP Dynamic DNS service, I always have access to help people with ongoing setup, adding authorized devices, troubleshooting, and support. Always make sure to use a secure password, rather than the default when enabling remote administration.
No comments:
Post a Comment