
Jan 7 2011, 2:10 AM
Sharedband Port Mapping Guide

Introduction

This is a quick guide to the basics of Sharedband port mappings and host allocations: the difference between them and how to set them up.

There are two main types of port mapping:
Port mappings forward individual ports or ranges of ports, as you would with any home router.
Host allocations are much like a DMZ: they forward all ports and protocols to the specified IP address. You need a host allocation before your IPSEC or PPTP VPNs will work.


Getting to Port mapping screen.

Via the Sharedband routers – Neutral Routers.

Log on to one of the neutral routers running Sharedband.
Click on Settings on the left hand side menu and then select IP port mappings.


Via the Sharedband Routers – Netgear Routers

Log on to one of the Netgear routers running Sharedband.
Click on IP port mappings underneath the Sharedband heading on the left hand menu.


Via the Customer Portal

Log on to the NOC customer portal (these details should have been given to you with your Sharedband user name and password).

Select Configuration from the top menu then select IP Address Mapping from the left hand screen.

 

Adding port mappings and host allocations.

Regardless of which method you used to get to this screen, these screens are the same.

[Screenshot: 9H2 - Port Mapping 1.jpg]

Most people will see a screen very similar to the above screenshot. This community has one static IP and it is currently the default outgoing address (indicated by the picture of a globe).
The default outgoing address is the address used if no other rules exist. See host allocations, below, for a better explanation.

To add a port mapping, expand the relevant IP and click on Add port mapping and you will be presented with the screen below.

[Screenshot: 9H2 - Port Mapping 2.jpg]

Select the mapping type.
Enter either a range of ports or just a single port.
Set the Sbr Index to 0.
Destination IP is the private (LAN) machine you want to map the port to.
Start Destination Port is an advanced feature; most people will want to just enter the first port number again.
It allows you to change which port the connection goes to. For instance, you may wish to make your web server available on port 8080 but don't wish to alter the web server's config. When creating the port mapping, enter port 8080 in the “Map port” field and port 80 in the Start Destination Port field. Sharedband will forward port 8080 internet traffic to port 80 on your server.

 

Host Allocations

As mentioned above, a host allocation is much like a DMZ in a home router: it forwards all ports and protocols to the specified IP address. You need a host allocation before your IPSEC or PPTP VPNs will work.

If you only have 1 static IP address, you will have to delete your default outgoing address when you create a host allocation. This means Sharedband is no longer performing NAT for all other users on your network. If you are forwarding all ports and protocols to your firewall then this will be fine, because the router/firewall will NAT for you. If you are not using a router/firewall you may need to speak to support. Please raise a ticket.

[Screenshot: 9H2-Host Allocation - Default Outgoing.jpg]

If necessary, click on Default Outgoing Address to delete it.

[Screenshot: 9H2 - Host Allocation - 1.jpg]

Click on Add Allocation.

[Screenshot: 9H2 - Host Allocation - 2.jpg]

Select Fixed Address Allocation from the drop down list and then enter the private (LAN) IP address you want to forward everything to.

[Screenshot: 9H2 - Host Allocation - 3.jpg]

Here is a screenshot showing a host allocation from the public IP 1.1.1.1 to the private IP 192.168.0.50. If you want to delete it, just click on the mapping and you will be asked if you want to delete it.


FAQs

Q: How do I forward just GRE (PPTP) or ESP (IPSEC) to an address?

A: In the current version the only way to forward protocols is to do a host allocation. The ability to map protocols is being addressed in upcoming versions.


Q: Are the port mappings TCP or UDP?

A: Both. When you select a port to map down, e.g. port 25, it will forward UDP and TCP port 25 to the specified IP address.
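
The Start Destination Port translation described under "Adding port mappings and host allocations" and the TCP-and-UDP behaviour in the answer above together decide what a mapping really exposes. The following is an added example, not Sharedband code: it expands a planned set of mappings into every forwarded endpoint and lists the ones you did not intend to publish. The PortMapping class, the function names, the address 192.168.0.60 and the one-to-one handling of port ranges are assumptions made for illustration.

```python
from dataclasses import dataclass

PROTOCOLS = ("tcp", "udp")  # per the FAQ, a mapped port forwards both

@dataclass(frozen=True)
class PortMapping:            # hypothetical model of one "Add port mapping" entry
    map_start: int            # first public port
    map_end: int              # last public port (equal to map_start for one port)
    dest_ip: str              # private (LAN) destination IP
    dest_start: int           # "Start Destination Port"

def exposed_endpoints(mappings):
    """Map every forwarded (proto, public_port) to its (dest_ip, dest_port)."""
    table = {}
    for m in mappings:
        offset = m.dest_start - m.map_start
        if not 1 <= m.map_start <= m.map_end <= 65535:
            raise ValueError(f"bad public port range: {m}")
        if m.dest_start < 1 or m.map_end + offset > 65535:
            raise ValueError(f"destination ports out of range: {m}")
        # Assumption: a range maps one-to-one, keeping the same offset.
        for port in range(m.map_start, m.map_end + 1):
            for proto in PROTOCOLS:
                table[(proto, port)] = (m.dest_ip, port + offset)
    return table

def unintended_exposure(mappings, intended):
    """List forwarded endpoints that are not in the intended service set."""
    return [(proto, pub, ip, dport)
            for (proto, pub), (ip, dport) in sorted(exposed_endpoints(mappings).items())
            if (proto, ip, dport) not in intended]

# Constructed sample: the 8080 -> 80 web server from the guide plus a mail server.
SAMPLE_MAPPINGS = [
    PortMapping(8080, 8080, "192.168.0.50", 80),
    PortMapping(25, 25, "192.168.0.60", 25),
]
# Services the administrator actually means to publish (TCP only).
SAMPLE_INTENDED = {("tcp", "192.168.0.50", 80), ("tcp", "192.168.0.60", 25)}

if __name__ == "__main__":
    for proto, pub, ip, dport in unintended_exposure(SAMPLE_MAPPINGS, SAMPLE_INTENDED):
        print(f"review: {proto}/{pub} from the internet reaches {ip}:{dport}")
```

Anything the check reports is reachable from the internet through the mapping, so confirm that nothing is listening on that protocol and port on the LAN machine, or filter it on the machine itself.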


Q: Important - You are seeing this message because your Sharedband community is setup incorrectly. 
A: This is because you don't have a default NAT address and all ports and protocols are forwarded to an address/device inside your network.

Review the "Getting to Port mapping screen" section to view your current port mappings/host allocations.

If you are seeing this message, normally one of the following scenarios has happened:

1. You have just set up a host allocation but your PC or device is not using the IP address you specified.
Please check the IP address you entered in the NOC and the actual IP address the device is using.

2. You normally use a VPN/Firewall device but you have plugged a PC directly into the sharedband routers.
If you wish to test a particular issue without your VPN/Firewall, you can either disconnect the firewall device and configure your PC to be on the same IP address as the host allocated address, or you can follow the above guide to remove a host allocation (not recommended).

3. You use a VPN/Firewall device and it has been in for weeks/months but now you are getting this message.
This is normally because your VPN/Firewall device has been set to obtain its IP address via DHCP and somebody has used that address to do the host allocation.
For whatever reason your device has now got a different IP address to the one in the host allocation and traffic has stopped flowing.
Move your VPN/Firewall device to a static address not in the DHCP pool (we normally use .50), and then redo the host allocation, pointing it to this new address.

4. None of the above scenarios.
It's extremely rare for this to be the case. We would recommend you raise a ticket.
If you are seeing this problem out of hours and need a quick fix you can follow the "Re-adding a default outgoing address" section.
Before doing this, note that it's very likely inbound VPNs, Exchange servers and other port mappings will stop working. If you have somebody that deals with your IT on your behalf we would highly recommend you speak to them first.
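
Scenarios 1 and 3 above both come down to the host allocation target and the device's real address drifting apart. The following is an added example, not part of Sharedband: it checks a host allocation against the device's current address and the DHCP pool. The function name, finding codes, pool boundaries and sample addresses are assumptions made for illustration.

```python
import ipaddress

def check_host_allocation(allocated_ip, device_ip, dhcp_first, dhcp_last,
                          device_uses_dhcp):
    """Return a list of (code, message) findings; an empty list means no issue found."""
    alloc = ipaddress.ip_address(allocated_ip)
    dev = ipaddress.ip_address(device_ip)
    lo = ipaddress.ip_address(dhcp_first)
    hi = ipaddress.ip_address(dhcp_last)
    if lo > hi:
        raise ValueError("DHCP pool start is above its end")

    findings = []
    if alloc != dev:
        # Scenarios 1 and 3: forwarded traffic goes to an address the device no longer has.
        findings.append(("MISMATCH",
                         f"host allocation points at {alloc} but the device is on {dev}"))
    if lo <= alloc <= hi:
        # The allocated address can be leased to some other machine, which
        # would then receive all forwarded ports and protocols.
        findings.append(("IN_POOL",
                         f"{alloc} is inside the DHCP pool {lo}-{hi}"))
    if device_uses_dhcp:
        findings.append(("DHCP",
                         "device obtains its address via DHCP; give it a static one"))
    return findings

# Constructed samples: scenario 3 drift, then the fixed static .50 setup.
DRIFTED = check_host_allocation("192.168.0.101", "192.168.0.117",
                                "192.168.0.100", "192.168.0.200", True)
FIXED = check_host_allocation("192.168.0.50", "192.168.0.50",
                              "192.168.0.100", "192.168.0.200", False)

if __name__ == "__main__":
    for code, message in DRIFTED:
        print(f"{code}: {message}")
    print("fixed setup findings:", FIXED)
```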


Please raise a ticket if you need more help with this issue.