This text applies to the Linksys router BEFSR41. It discusses
setting your Sun up as a server that you could telnet into
from the outside.
This text applies to the Linksys router BEFSR41. It discusses
setting your Sun up as a server that you could telnet into
from the outside.
As a proof of concept, Bob Styma ran an experiment with his Sun At Home. Using the web interface to the Linksys Router, he assigned the Sun as the "exposed" machine on the net and turned off the "Disable WAN Request" flag. This means that the Linksys router will allow connect attempts from the outside to pass through it and that the network translation part of the router will send these connect requests to the Sun.
Using the Linksys web brouser interface he identified the IP address assigned by the ISP. This is the effective IP address of the Sun from the Internet. The first experiment was to use VPN on a PC to dial into AGCS and then telnet to the IP address of the Sun. Indeed he could log on.
The second experiment was to call Bob's brother in Chicago and have him telnet in from his PC using the Sun's IP address. This worked for both telnet and ftp.
Dropping the Linksys firewall is a security exposure. If the firewall was to be left in this mode, measures would have to be taken to harden the Sun against intrusion. The current firmware load on the Linksys router allows port forwarding. This allows you to not expose the Sun totally to the Internet. To use this feature, turn on the "Disable WAN Request" feature to protect your network in general and forward ports 21 (ftp) and 23 (telnet) to your Sun. This block everything but those two ports. You can then Install TCP wrappers on the Sun to make those ports much more secure. The manual page on TCP wrappers shows the screens for port forwarding on the Linksys box.
Some of the later releases of the Linksys firmware have the feature of allowing you to control just which ports are allowed in and where they go. Thus you could route port 80 to an internal machine running a web server and port 23 to a machine supporting telnet. This seems to be a better approach than exposing the Sun completely to the Internet.