Kitz Forum

Broadband Related => Broadband Hardware => Topic started by: activ on October 23, 2010, 05:39:39 AM

Title: ST585 port forwarding
Post by: activ on October 23, 2010, 05:39:39 AM
Hi all,

I need some help configuring met ST585V6.

What is want is to set up port forwarding for ssh to my nas but only allow access to that from one specific external ip (the ip of my connection at work).

Hope someone can help.

activ
Title: Re: ST585 port forwarding
Post by: jeffbb on October 26, 2010, 06:05:59 PM
Hi and welcome

I am not into this port forwarding but I am sure someone will be able to help

Regards Jeff
Title: Re: ST585 port forwarding
Post by: silversurfer44 on October 26, 2010, 08:22:41 PM
Hi activ,
I don't have  the ST585 but I do have the TG585v7 which is a Thompson variation. Looking at the options on my router the only way one could sort of do what you want is to assign the ssh port forward to the machine that you want to access, however that will not tie the connection down to one ip address. The ssh server will reject access that doesn't have an account on the target machine. Using strong passwords you should be able to allow access to selected users. I can't think of a way to do what you want. Maybe someone else can advise, but that's the best I can offer.
Title: Re: ST585 port forwarding
Post by: activ on October 27, 2010, 07:10:32 AM
Thanks for your answer, I was afraid it was impossible and it seems it is.
I'll try and think of another option.
Title: Re: ST585 port forwarding
Post by: Azzaka on October 27, 2010, 01:17:52 PM
To secure access to an IP or range of IP's type the following.

Code: [Select]
service system ipadd name HTTP ip 212.28.9.250
service system ipadd name HTTPs ip 82.69.227.30/29
service system ipadd name TELNET ip 212.28.9.250-212.28.9.259

If locking down to IP, remember that it takes effect immediately. If you are connected to the router via telnet from the local network and you lock telnet down to a WAN IP you will be instantly disconnected and be unable to connect from anywhere other than the WAN IP specified. Be sure to add the IP you are currently connected from first.
Title: Re: ST585 port forwarding
Post by: activ on October 27, 2010, 06:04:38 PM
Looks to me like this function only handles access restriction to the internal services of the device, not servers in the network behind the device.
Title: Re: ST585 port forwarding
Post by: Azzaka on January 31, 2011, 05:35:26 PM
Use the same to lock down the internal devices. I'll double check but that should work.