6 Replies Latest reply: Sep 9, 2012 2:24 PM by Mario Abanto
MajorIP4 Level 1 Level 1 (20 points)

I have been trying to setup my network for remote TC access via port forwarding. Here's my setup:

 

Verizon FiOS router (main router, dhcp & nat) -> connected to TC set in bridge mode with a static IP

 

I can remotely access the TC using Back to my Mac with no problems, and of course locally on the home network via Wifi.

Since the TC has to connect in bridge mode, port forwarding is done on the FiOS router.

 

If I set a port forwarding rule in the FiOS router TCP,UDP (any) to port 548, it works. However I want to use a specific connection port

so others can't connect unless they know the forwarded port. BTW, I have remote disk sharing set with Use Device Password.

 

So here's what works:

 

FiOS Router (TCP any -> 548, UDP any ->548)

 

What doesn't work:

 

FiOS router (TCP 8990 -> 548, UDP 8990 -> 548).

 

Is there any additional setting required for specific port forwarding to work?

  • 1. Re: Remote TC access via port forwarding
    LaPastenague Level 8 Level 8 (35,400 points)

    How are you setting AFP to use the wrong port?? You cannot simply change the port AFP is using at the router end.. you have to change it at the remote end to use 8990. Even then it may not work. Some protocols simply cannot be changed.

     

    I don't think it will do much to protect your system.. a standard port scan will still show up the port is open.

     

    If you are using the Time Capsule password.. (Device is not in the list) it would be better to use disk password for remote access.

  • 2. Re: Remote TC access via port forwarding
    MajorIP4 Level 1 Level 1 (20 points)

    Let me try to make clear what I'm trying to do. I want to port forward an unused port (8990 was jst an example) to the static IP my TC is using which is 192.168.1.22

     

    So in the FiOS router I have setup port forwarding the unused port to 192.168.1.22. The rule states any TCP/UDP for port 548 will be forwarded. Here's the entry:

     

    Network Connection/Device: 192.168.1.22:8990

    Applications & Ports Forwarded: TCP Any->548 UDP Any ->548

     

    However if I don't specify the port for 192.168.1.22 I can open the connection. As far as disk password I don't think its any more secure that using the TC password, is it?

     

    Hackers will be hackers, however the novice may not spend time doing a full port scan.

  • 3. Re: Remote TC access via port forwarding
    MajorIP4 Level 1 Level 1 (20 points)

    Okay I have it working..... port forwarding for specific ports require both ports to be specified in a rule.

     

    Here's my setup:

     

    Network Connection/Device: 192.168.1.22:8990

    Applications & Prots Forwardrd: Tcp Any->548 UDP Any->548

     

    Network Connection/Device: 192.168.1.22:548

    Applications & Prots Forwardrd: Tcp Any->8990 UDP Any->8990

     

    This is how ActionTec router works. Hope this helps others.

  • 4. Re: Remote TC access via port forwarding
    Mario Abanto Level 1 Level 1 (5 points)

    You're my hero!

     

    I also have my TC in Bridge Mode to my Verizon FIOS Router.  I used to be able to access my TC remotely, but since I upgraded my router (MI424WR GigE), I had forgotten some port forwarding rules I must have established in my old router.  Once I re-created these two port forwarding rules (just like yours), I can remote access my TC (with TC password) again.

     

    In addition, I have a static host name aliased to my dynamic IP address through dyndns.org (I have the free version, which I don't think is available anymore, but there are other free providers out there) for easier remote access.

     

    Regarding, Secure Share Disks: with TC password vs a disk password. Is one more secure than the other?

     

    Thanks!

  • 5. Re: Remote TC access via port forwarding
    LaPastenague Level 8 Level 8 (35,400 points)

    You definitely should password the disk for remote access. Security on AFP is not that great.

  • 6. Re: Remote TC access via port forwarding
    Mario Abanto Level 1 Level 1 (5 points)

    Thanks. Yes of course, I do already using the TC password instead of a disk password i.e. password to access TC is the same password to access the disk via AFP. Eitherway, they're only as good as the strength of your password I suppose.  Thanks again.