Enabling outside access to my LAN

Discussion in 'Linux Networking' started by Yousaf, Sep 27, 2003.

  1. Yousaf

    Yousaf Guest

    Dear all,

    I have sent a post earlier regarding this but it mysteriously
    disappeared!! From the server, can't even search it on Google.

    Anyway here it goes again:

    I have setup Samba shares for my work mates on a local machine on my
    network. The network shares a broadband connection using the ST510 router.
    I want to allow outside traffic to enter my network and access the machine
    where I am serving the samba shares and the web server.

    I have a static IP address assigned to me by my ISP. My friends from their
    machines at home can not even ping that IP address. Does that mean that
    there is a firewall there? From the web interface of the router I can not
    see any references to the firewall settings.

    Also what do I need to do to allow outside traffic to go to machine x to a
    specific port. (naturally the port that serves samba in this case), there
    is NAPT settings there which are mentioned in the manual too, are they
    relevant to this issue?

    As I have never attempted this before I have absolutely no clue as to what
    needs to be done here.

    My network looks like this:

    Router: Static IP from ISP: xx.xx.xxx.xxx
    Router for eth0 IP address: 10.0.0.138
    Machine X (where samba shares are): 10.0.0.1

    Could anyone please guide me through this and help me setup my router so
    my work mates outside can access the shared directory on 10.0.0.1?

    Regards
    Yousaf
     
    Yousaf, Sep 27, 2003
    #1
    1. Advertisements

  2. It is extremely unwise to allow the outside world to see the ports that
    Samba uses. A better way of doing things is to investigate some sort of VPN
    option where they have to log in to your network using a VPN secure tunnel
    before using your network.

    Dave
     
    Dave {Reply Address in.sig}, Sep 28, 2003
    #2
    1. Advertisements

  3. Yousaf

    Yousaf Guest

    Sorry, I found my previous post, please ignore this one.
     
    Yousaf, Sep 28, 2003
    #3
  4. Yousaf

    James Knott Guest

    Use a VPN to allow access. Do not make the file shares available directly
    to the internet.

    --

    Fundamentalism is fundamentally wrong.

    To reply to this message, replace everything to the left of "@" with
    james.knott.
     
    James Knott, Sep 28, 2003
    #4
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.