>> Netopia >> Support >> International Broadband Equipment Support >> Eircom 3300 Series Support Page >> IEQG_025 (a)
Pinholes (Port Forwarding) IEQG_025 (a)
Pinholes let you pass specific types of network traffic through the Netopia's NAT interfaces. Once configured, selected types of network traffic, such as FTP requests or HTTP (Web) connections, will be forwarded to a specific host or server behind your gateway device.
PLEASE NOTE: From the LAN (Local Area Network), you will also be able to access these servers, but only using the internal private IP address. Access via the public IP address is not supported from a local ethernet connection.

CAUTION: If you are configuring a pinhole for HTTP port 80 (a web server) on your network, or if you need to forward telnet to a local server, you must change the Default Internal Server in the Netopia router. Click Here for instructions.

This technote will guide you through the setup process for Pinholes in your Netopia.

Related documents: Address Forwarding   |  Software Hosting
Firmware Reference v7.2 R1 through v7.4.2 -- Netopia 3347W

Before you start
Please Note: The IP Addressing in this document is for illustrative purposes only. The public IP's provided by your ISP will be different and unique to your internet account. With Network Address Translation enabled, any private network addressing scheme can be used that is consistent with your LAN settings.

Browse into the Netopia's web interface at http://192.168.1.254 (if using the default IP setting). If your network has a different IP addressing scheme, modify this accordingly. The default Username is admin, and the default Password is the router serial number. Remember to click the button to save any entries. Hitting the back button without clicking will undo any changes.

Once you have completed your configuration, click on the symbol in your upper right hand corner to validate the changes. Then click on Save and Restart.

Configuration -- v7.2 through 7.4.2
  1. Click on Configure in the upper Menu bar.
  2. Click on Advanced.

  3. Under the NAT heading in the Network Configuration box,
    click on the Pinhole selection.
  4. Click on the Add button.
  5. In the Pinhole Entry box, enter the parameters for your pinhole. For example, to add a mail server:
    1. In the Pinhole Entries table, in the first line, type the name you would like associated with the pinhole. For this example you might call it SMTP for a mail server.
      PLEASE NOTE: Each pinhole you configure must have a unique name associated with it. If you should duplicate the pinhole name in a subsequent entry, it will overwrite the first entry.
    2. Protocol Select is TCP by default. Different protocols can be selected from the drop-down menu when appropriate.
    3. External Port Start is 25 for this example.
    4. External Port End is also 25 for this example.
    5. Enter the Internal IP Address of your mail server.
    6. The Internal Port is 25.
    7. Click on Submit to save the changes.
    8. Click on the Add More Pinholes link. This takes you back to the Pinholes "menu" screen.

  6. Again, click on Add in the Pinholes box and repeat the previous steps to add,
    if needed, POP3, and substitute port 110 in the 3 corresponding fields.

Configure a PPTP VPN Pass Through:
If you have a PPTP VPN client, such as Microsoft Dial-Up Networking, on a remote computer, and you wish to tunnel into a server (NT or Win2K typically) running VPN services on your LAN, you would create a pinhole for this. This would allow "telecommuters" to access resources on the network.

  1. From the main Pinhole Configuration page, click on the Add button.

  2. This will require two pinhole entries. For the first:
    1. We'll name this one VPN-1.
    2. The Protocol is TCP.
    3. External Port Start and End is 1723.
    4. Enter the Internal IP Address of the server. (192.168.1.20 for our example)
    5. The Internal Port is also 1723.
    6. Click on the Submit button.
    7. Click on the Add More Pinholes link.

  3. Again, click on the Add button.
    1. Name this pinhole VPN-2.
    2. Select PPTP from the drop down Protocol menu.
    3. Leave internal and external ports at 0.
    4. Enter the same IP Address that was added above.
    5. Click on Submit.
    6. Click on Add More Pinholes.

  1. The router will now forward the PPTP traffic to the local server on the network.
Configure a Timbuktu Host:
Timbuktu, manufactured by Netopia, is a popular remote control software application that allows you to control a remote PC or MacIntosh.

PLEASE NOTE: Timbuktu uses a range of ports for the control features of this application. If you have a model 3341/3346 and wish to configure pinholes for this or any application using a range of ports, Please Click Here for specific instructions that pertain to these models ONLY!

  1. Following the previous example, again click on Add, and name this one Timbuktu-1.
    1. Protocol Select is still TCP.
    2. External Port Start is 1417.
    3. External Port End is 1420.
    4. Enter the Internal IP Address of the workstation you wish to control remotely. (Example 192.168.1.15).
    5. Enter 1417 for the Internal Port.
    6. Click Submit for this entry.
    7. Click on the Add More Pinholes link.

  2. Click on Add.
    1. Give this entry a unique name such as Timbuktu-2 to prevent overwriting the first entry.
    2. Change each of the port numbers to 407 in the corresponding three fields.
    3. Click on the Protocol drop-down box and select UDP.
    4. Enter the IP address of the workstation again in the Internal IP Address field.
    5. Click on Submit to save the changes for this entry.
    6. Click on the Add More Pinholes link.

  3. Here you can again click Add for a new pinhole, or you can highlight an existing pinhole entry to Edit the configuration or Delete the entry altogether.

  4. Once you have finished with the configuration of the pinholes, click on the in the upper right hand corner. This will validate that the settings are legal for your network.
  5. Click Save and Restart. This will restart the Netopia and retain the pinhole configuration.

Conclusion
You've now configured your Netopia Router for port forwarding Pinholes.
Be sure to restart the router for these changes to take effect.

Related Links
Getting Started; TCP/IP Properties
Installing a Feature Key for the 3300 Series

© 2007 Netopia, Inc., a Motorola Company. All rights reserved.