I have an linksys BEFSR41 Router but i have no idea how to turn my firewall off? Can anyone please tell me? thx
How do i turn my router's firewall off?
- Thread starter HikkiFan
- Start date
I know you're trying to turn off your firewall!!!
I'm asking cause you might be able to bypass the firewall by putting your comp in the DMZ or forward ports, but that will depend on what you're trying to do, hench my question "What are you trying to do."
The firewall isn't a "feature" you can turn on/off with a switch or a button, it's a part of NAT.
Yeah, go unplug it from teh wall, that'll shut the whole thing down...along with your access to the Internet
Generally you don't want to "disable" the firewall features, since that will allow access into your network. Assuming you only need a particular application to function, find out what ports it needs opened, and then use the Port Forwarding feature in the Advanced part of the configuration interface, to forward those ports to the address of the machine you want to be able to receive incoming traffic (you'll need to assign a static IP address to that machine, an address that is NOT part of the range the router uses for DHCP, so that you don't end up with the wrong machine getting the IP address you forward to).
If for some reason you do want a machine to receive ALL incoming traffic no matter what the port, then set the DMZ in the advanced settings to be that machine; the router will then forward all traffic that is incoming to that machine (only traffic that is initiated from outside though such as a connection to a server you're running, not "responses" to traffic from inside your network).
Port forwarding can only forward a particular port to a single machine for incoming connections, it can't forward it to several machines; however different ports can be forwarded to different machines to act as servers. DMZ also only forwards all connections to one machine; no other machine can receive inbound connections.
I think it is technically possible to turn off NAT with the router (which is what provides the firewall functions) but only with a particular setup from your ISP (requires a larger block of IP addresses). It's unlikely you'll be able to do anything like that with a cable service or most DSL providers (those DSL providers that do set you up that way usually provide a router).
If you're just trying to get a particular application to work like Netmeeting or file transfers over AIM, a firmware upgrade for the router may automatically enable the functions. Other applications like IRC's DCC function simply need a forwarding of a block of ports.
If for some reason you do want a machine to receive ALL incoming traffic no matter what the port, then set the DMZ in the advanced settings to be that machine; the router will then forward all traffic that is incoming to that machine (only traffic that is initiated from outside though such as a connection to a server you're running, not "responses" to traffic from inside your network).
Port forwarding can only forward a particular port to a single machine for incoming connections, it can't forward it to several machines; however different ports can be forwarded to different machines to act as servers. DMZ also only forwards all connections to one machine; no other machine can receive inbound connections.
I think it is technically possible to turn off NAT with the router (which is what provides the firewall functions) but only with a particular setup from your ISP (requires a larger block of IP addresses). It's unlikely you'll be able to do anything like that with a cable service or most DSL providers (those DSL providers that do set you up that way usually provide a router).
If you're just trying to get a particular application to work like Netmeeting or file transfers over AIM, a firmware upgrade for the router may automatically enable the functions. Other applications like IRC's DCC function simply need a forwarding of a block of ports.
Sometimes even DMZ doesn't work, especially when both parties are behind firewalls. Then you'll need to start drilling holes in your firewall and opening ports...
If you have an ISP with dynamic IP's, the easiest solution would be to get a $20 hub or switch with a uplink port. Connect your broadband modem to the uplink port and the rest of your computers to the hub. They should all now be connected directly to the 'net w/o any firewall protection and each with their own IP. Of course you also lose your private LAN.
Could tell us what you are trying to do that requires you to disable your firewall; then we might be able to provide some more precise suggestions.
Wow, nice job, that certainly helped me out a bit, thanks! Either way, HikkiFan, let me see if i can pull off this analogy:
Some programs require certain ports to be open. This is much like you needing access to certain rooms in your house. Each door in that house is a port, but the doors (ports) are all locked. Now, you can open the doors (ports) by a key. The key in your case, needed to unlock those doors, is found in the options of your router. If you need to know more, we'll help you out with it.
Hopefully my analogy won't confuse.
Boogak: most ISPs charge extra for the use of multiple public IP addresses, so that may be a really bad solution depending on what he's actually trying to do. If he didn't mind paying for it, he'd probably have to contact his ISP as well to have them set it up to allow his connection to be assigned multiple IPs. It'd also be better to only put the one machine he wants to be outside the firewall connected to the hub; connect the router to the hub as well, then the other machines to the router, that way it only requires one extra IP, and keeps the machines behind the firewall that don't need to be outside of it.
You obviously don't know much about networking, HikkiFan, so it probably would be best if you explained what you're trying to do.
You obviously don't know much about networking, HikkiFan, so it probably would be best if you explained what you're trying to do.
He has a valid question. In some routers you can disable the firewall with a simple check box. I could do that on my old SMC 7004VBR. Most routers won't do this though, so you can only disable the firewall for one computer at a time using DMZ.
Of course even if you can disable the firewall you are still going through NAT, but most apps these days have no trouble with NAT. It's the firewall that causes problems with many things including online gaming, voice or video, etc.
Of course even if you can disable the firewall you are still going through NAT, but most apps these days have no trouble with NAT. It's the firewall that causes problems with many things including online gaming, voice or video, etc.
NAT IS the firewall in most of these routers (and specifically in the BEFSR41). The blocking of inbound connections is inherent in the NAT technology because there's no way for it to work otherwise by default, and is the only "firewall" function that the router performs. Other features like stateful packet inspection or blocking of websites are available in some routers, but I think he'd have found the "checkbox" to turn that off if he had a router that supported it; they wouldn't hide it (in fact it's on the Firewall tab in Linksys routers that support it and is a simple radio button).
why do I get the feeling he only wants to host a game or share music or something?
Either way HikkiFan, port forwarding is your best bet. You just need to know what ports to forward. For instance, say you want to serve this particular game. You need to find out via the games website or tech support, which ports that game uses. You just go into your router config and set that port to recieve traffic either inbound, outbound or both.
Like Erikiksaz said, opening a port is just like opening a door to a 10,000 door house. By opening that port, you are saying that traffic is allowed through that door, and that door only.
The main needs for you to open up your network for this feature is hosting a game, and FTP or file/music sharing of some sort. It would be fairly simple for us to explain it to you but we need to know why and for what?
Say you told us it's to host Unreal Tournament games.
Since UT may typically use port(s) 7777-7787, we would tell you how to access that in the router config page and open those ports so you can host public games. I shouldn't take more then 10 minutes.
Either way HikkiFan, port forwarding is your best bet. You just need to know what ports to forward. For instance, say you want to serve this particular game. You need to find out via the games website or tech support, which ports that game uses. You just go into your router config and set that port to recieve traffic either inbound, outbound or both.
Like Erikiksaz said, opening a port is just like opening a door to a 10,000 door house. By opening that port, you are saying that traffic is allowed through that door, and that door only.
The main needs for you to open up your network for this feature is hosting a game, and FTP or file/music sharing of some sort. It would be fairly simple for us to explain it to you but we need to know why and for what?
Say you told us it's to host Unreal Tournament games.
Since UT may typically use port(s) 7777-7787, we would tell you how to access that in the router config page and open those ports so you can host public games. I shouldn't take more then 10 minutes.
I didnt know you could get a modem to share internet access through the uplink port of a hub? How does that work? and why would you lose your local network?
Your asking for TROUBLE if you disable any firewall when connected to the internet.....
With the linksys all you should have to do is use the DMZ feature..
first set the pc in question w/ a static internal ip, you may have to do that for all pc's connected.
Don't forget to set your DNS setting by hand because you won't be using DHCP anymore.
then login in to your router and set the DMZ ip to the internal ip of the computer you want to have exposed to
the outside.
Regards,
Jose
With the linksys all you should have to do is use the DMZ feature..
first set the pc in question w/ a static internal ip, you may have to do that for all pc's connected.
Don't forget to set your DNS setting by hand because you won't be using DHCP anymore.
then login in to your router and set the DMZ ip to the internal ip of the computer you want to have exposed to
the outside.
Regards,
Jose
Originally posted by: dakels
why do I get the feeling he only wants to host a game or share music or something?
Well, gauging from his response, I doubt he is trying to do anything complicated... I have this feeling we're giving him waaaaay more info than he needs or understands
Originally posted by: Radiohead
Originally posted by: dakels
why do I get the feeling he only wants to host a game or share music or something?
Well, gauging from his response, I doubt he is trying to do anything complicated... I have this feeling we're giving him waaaaay more info than he needs or understands
I'm betting he wants to transfer files through AIM
in which case is difficult because of the way AIM is implemented, DMZ or not.Thanks a bunch... now my router USR 8000a-02 calls port forwarding 'virtual server' and it has a spot for the port.. do I put a seperate entry for all those ports?
I know guys thats what I mean. We are probably confusing him with all this chatter. Its best just to find out what the usage is for and go from there. he is not going for his CCNA.
Anyways, johnbear, port forwarding usually calls for a range. From xxxxx to xxxxx. In this case from 2300 to 2400 TCP/UDP.
Anyways, johnbear, port forwarding usually calls for a range. From xxxxx to xxxxx. In this case from 2300 to 2400 TCP/UDP.
Not too sure... I'm reading the manual on this page here & it doesn't say anything about being able to enter a range of IP's under the Virtual Server section.
But how would you enter 100 separate entries for ports 2300-2400?
However, it seems you can enter a range of IP's under the Special Applications section, but I'm not sure what you would enter for as the trigger...
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes Discussion Threads
- Started by Tigerick
- Replies: 21K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
Facebook
Twitter