| TERMS |
|
This document and what comes with it are
provided as-is with blunt warning: Use at your own risk,
buyer beware. You break your system; you own the resolution
as well. We have no liability for what you do, or can't
do, or fail to do with this information. Your entire protection
is to start over again with a protected backup, or from
protected system. If you don't want to accept this idea,
please don't use this document.
|
Preparing a D-Link DI-624 router for your SBS network - Part 3
The D-Link DI-624 is a wireless router. It has no adsl modem so you won't be using one of these as your internet connection, but you may want to use one as an extra layer of defense between your sbs external NIC and the Internet.
In order for for some services on a Small Business Server to function properly some sort of Port Forwarding must be enabled. For example Exchange Server needs to listen on TCP Port 25 if it is to recieve mail by SMTP. I am going to show you how to enable Port Forwarding using 'Virtual Servers' (NAPT). I'm also going to show where to enable VPN Pass Through for PPTP & IPSec.
- Connect a laptop to one of the routers LAN ports.
- With a web browser, browse to the IP address of the router, this is 192.168.0.1 usually.
- You will be prompted to log in, the default username is 'admin' and the default password is blank (although I have set one).
- We will start by opening some Ports.
- Click the 'Advanced' tab.
- You will now be looking at the Virtual Server page. This router has several predefined 'Virtual Servers' which are, by default disabled.
- Common ports that you may need to forward for SBS are:
Port number Protocol Service
25 TCP Exchange Server
80 TCP Web Server HTTP
444 TCP Intranet
443 TCP Remote Web Workplace - Web Server SSL/HTTPS
3389 TCP Terminal Services
4125 TCP Remote Web Workplace
- Enable the existing Virtual Servers you need by clicking the 'edit' icon next to the 'trash can' icon. The virtual server will be highlighted in yellow, and the details of that Virtual Server will populate in the fields near the top of the page.
- The currently displayed Private IP of 0.0.0.0 should be changed to the IP address of your servers External NIC.
Click the 'Enabled' radio button. Then click the green tick to Apply your setting.
- Click the 'Continue' button.
- You will notice that the 'Virtual Server' for the port you just edited is now enabled and forwarding to the internal IP address you specified.
- Repeat the process for any other ports you need open. For security reasons, do not open ports you don't need.
- Now add your own 'Virtual Servers' for the other ports you need that were not pre-defined.
- Complete the details in the fields within the red elipse shown in the image below:
Enter the correct information to enable the port you need.
For normal port forwarding you should put the same port number in 'Private Port' and 'Public Port'.
Click the green tick to 'Apply' your settings.
- Click the 'Continue' button.
- The 'Virtual Server' you just added is now enabled and displayed in the list.
- Repeat the steps to add your own 'Virtual Servers' for as many Ports that you need open. For security reasons, do not open ports you don't need.
- Next we will make sure the router is enabled for VPN passthrough.
- Click on the Tools tab, then click on the Misc button.
- By the VPN Pass Through Settings, click the radio button/s for enabled.
- Then click the green tick to Apply your setting.
- After the router restarts, click the 'Continue' button.
- VPN Pass Through is now enabled.
|