This article explains how to set up port forwarding on Motorola and Pace gateways, also referred to as opening a pinhole, for U-verse Business (U-Biz/Ubiz) Customers. Port Forwarding is a means of setting up rules to inform the AT&T provided modem/gateway that any data received on a specific port will be redirected to a certain IP address on the local network. The customer is responsible for providing information on all ports they need opened. If the customer does not know this information they need to consult the documentation/manufacturer of the software/hardware.
2wire/Pace Applications and Pinhole Settings
Opening Ports/Pinholes
2wire/Pace RGs come preloaded with a list of predefined applications that define rules for ports that should be opened and for what protocol. Prior to assigning an application to a device it has to be displayed on the application list in the center of the screen. In most cases, the ports needing to be opened are not in a predefined application. To add this, click Add a new user-defined application to create an application that includes the specific pinhole settings that the customer requires. Applications must be defined before they can be assigned to a device. If you know that the RG already has a defined application that will work for the customer, skip ahead to Assigning an Application to a device.
Before creating a user-defined application, collect the following information from the customer. If the customer does not know this information they need to consult the documentation for the software or hardware that needs these ports opened. AT&T is not responsible for providing this information the customer.
Application Name: A unique name for the rule that you are creating.
Port or Port Range: A singe port or range of ports on which incoming traffic will be received.
Host Port (if applicable): The port number at the start/end of the port range your Gateway should use when forwarding traffic of the specified type(s) to the internal IP address.
Protocol: Protocol type of Internet traffic, TCP, UDP or both.
Name/IP: Of the device which requires the Application Name applied.
Adding a New User-Defined Application
From the RG's GUI, click Settings > Firewall > Applications, Pinholes, and DMZ.
To add a new application that is not already in the list, click Add a new user-defined application under the list of applications.
In the Application Profile Name field enter a name for the application.
Select either the TCP or UDP radio button.
In the Port (or Range) fields enter the first port in the range in the From field and the last port in the range in the To field.
If the customer only needs one port opened enter the same port in the From and To fields.
In the Protocol Timeout field enter the number of seconds that the customer would like to set the timeout to.
If the customer has no preference leave this field blank and the RG will use the default values.
In the Map to Host Port field enter the host port number if the application requires mapping to a host port, enter the host port number.
If this field is left blank it will default to the first port in the range.
If the customer does not know if they need a base host port set then leave this field blank
If there is a matching application type in the Application Type drop-down, select that otherwise leave this field blank.
Click Add to List. The newly defined definition shows up on the Definition list and is now included in the Application.
If the customer needs to open additional ports or protocols repeat steps 4-9 until all have been added.
Click Back to return to the Applications, Pinholes and DMZ screen.
You are now ready to assign the application to a device.
Assigning an Application to a Device
If not already on the Applications, Pinholes and DMZ screen of the RG's GUI, click Settings > Firewall > Applications, Pinholes, and DMZ.
Under Select a Computer, click the device name or IP address of the device you wish to open the port for.
If you do not see the IP or device name listed, enter it in the Enter IP address field and click Choose.
Under Edit firewall settings for this computer, select the Allow individual application(s) radio button.
Filter the list of applications by selecting a desired category, then highlight the name of the application in the application list to allow traffic to go through the firewall. Click Add and the application shows up in the Hosted Applications list.
To remove any unwanted applications that are currently showing in the Hosted Applications list, highlight and click Remove.
Click Save. Result: You have successfully opened the ports selected for the device that you have assigned the Application to.
Motorola NVG series Services and Pinhole Settings
Opening Ports/Pinholes
Motorola RGs come preloaded with a list of predefined Services that define rules for ports that should be opened and for what protocol. In many cases the ports you need to open are not in a predefined Service and you need to create a Custom Service that includes the specific pinhole settings that the customer requires. Services must be defined before they can be assigned to a device. Prior to assigning a Service to a device it needs to show up in the Service list in the center of the screen. On Motorola RGs, custom services have an asterisk (*) before the name in the Service list. If you know that the RG already has a defined application that will work for the customer skip ahead to Assigning a Service to a device.
Before creating a custom service, collect the following information from the customer. If the customer does not know this information, they need to consult the documentation for the software or hardware that needs these ports opened. AT&T is not responsible for providing this information for the customer.
Service Name: A unique name for the rule that you are creating.
Global Port Range: A single port or range of ports on which incoming traffic will be received.
Base Host Port (If applicable): The port number at the start/end of the port range your Gateway should use when forwarding traffic of the specified type(s) to the internal IP address.
Protocol: Protocol type of Internet traffic, TCP, UDP or both.
Name/IP: Of the device which requires the Service Name applied.
Custom Services
From the RG's GUI, click Firewall > NAT/Gaming.
You may be required to provide your Device Access Code.
The Device Access Code is printed on a label on the side of the Gateway.
If prompted, enter the Device Access Code, located on the sticker on the side of the RG, in the Device Access Code field and click Continue.
To add a new service that is not already in the list, click Custom Services in the Manage Custom Services section of the page.
This takes you to the Custom Services screen where you can define custom services.
In the Service Name field, enter a name for the application.
In the Global Port Range fields enter the first port in the range in the first field and the last port in the range in the second field.
If the customer only needs one port opened enter the same port in both fields.
In the Base Host Port field enter the host port number if the application requires mapping to a host port, enter the host port number.
If the customer does not need a base host port set then set this to the same port that you entered into the first Global port range field.
Select the appropriate protocol (TCP, UDP or Both) from the Protocol drop-down.
If the customer does not know which protocol they need set, select both.
Click Add.
The newly defined service shows up on the Service List.
If the customer needs to open additional ports or port ranges, repeat steps 3-7 until all have been added.
Unlike with 2wire/Pace RGs you need to create a unique Service Name for each range of ports that you need to open for a device.
Once all of the port settings have been added to the Definition list, click Return to NAT/Gaming to return to the NAT/Gaming screen.
You are now ready to assign the Service(s) to a device.
Assigning a Service to a Device
If not already on the NAT/Gaming screen of the RG's GUI, click Firewall > NAT/Gaming.
You may be required to provide your Device Access Code. The Device Access Code is printed on a label on the side of the Gateway.
If prompted, enter the Device Access Code, located on the sticker on the side of the RG, in the Device Access Code field and click Continue.
To allow a certain Service to go through the firewall, select the service name from the Service drop-down.
Select the device that the customer wants the pinholes/ports opened for from the Needed by Device drop-down.
Click Add.
The service shows up in the Hosted Applications list as being associated with the device.
Repeat steps 2-4 for any additional services that need to be assigned.
You have now successfully opened the ports selected for the device that you have assigned the Service(s) to.
To remove any unwanted services that are currently showing in the Hosted Applications list, click Delete.
Sunday, July 19, 2015
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment