General Networking/Lan/Wan/Testing a new router

Advertisement


Question
Hi Jeff.

I'm not sure if this is even possible, but I'll ask.

Basically I wanted to ask if it was possible to test if I had one-to-one NAT setup correctly on a new router (mapping a public IP to a private ip) without it being connected to the internet.

I didn't want to shut down my internet (since it will be in use) and thought it would be nice if somehow I could set things up with the PC's I have so I could test the routers NAT configuration without it actually being on the Internet.

I figure it probably isn't possible, but I thought I would ask.

I wanted to test an FTP client and type in a 'public' IP address and see if it goes to my new router on the LAN (I think they sometimes call this hairpin NAT) where you access a FTP server on the LAN which is behind your router via it's external IP address.

Thanks
John

Answer
Hi John,

>> I wanted to test an FTP client and type in a 'public' IP address and see if it goes to my new router on the LAN (I think they sometimes call this hairpin NAT) where you access a FTP server on the LAN which is behind your router via it's external IP address.

I understand completely, but you are slightly mixing up what you WANT, with an EASY way to TEST it out.  It happens  :-)  Technically, what you suggest is do-able but a PAIN - since your ISP probably gives you only 1 IP - so you can't do it and keep your router up and the same time.

So, let's focus on what you want to accomplish, instead of the way that you feel that you wish to try it out, ok?

Basically, you can configure your firewall to allow an inbound FTP only connection, or just use a DMZ rule (easier still).  So start with the latter.  Look inside your router GUI.  It'll either be in the firewall or DMZ section.  You should be able to configure one IP to be your "DMZ".  Essentially, inbound connections will be allowed to pass through the firewall to that specific IP address (so it's best to manually hard set that PC).  Depending on your router, it might be "allow all inbound to that IP" or it might be more configurable.

So just set that up - it won't take long.  And then just test it out from any PC on the Internet.  If you are close enough, you might be able to use the wireless from a neighbor's house with a PC in your house to test everything.  Otherwise, your laptop at a neighbors house will do the trick.

Note: Your ISP probably allows you to have some file storage as part of your connection on THEIR FTP server.  so you might use that instead, and maintain your security more fully.

I hope this helps!  Thanks!

J.

General Networking/Lan/Wan

All Answers


Answers by Expert:


Ask Experts

Volunteer


Jeff K

Expertise

Specialist in leveraging technology toward fulfilling a customer's business objectives: enhancing revenues and giving them a competitive advantage in the marketplace.

Networks: architecture, design, monitoring and trouble-shooting
Technologies: Bandwidth Management (QoS), WAN Optimization, Application Performance Management (APM), User Experience Management

Experience

Over 20 years in computers and networking. Strong, broad-based expertise from years in Operations and Sales Engineering at major corporations and hardware vendors.

Education/Credentials
B.A., various courses in computers and networking as well as many many years of OJT (on the job training) and real-world experience.

©2016 About.com. All rights reserved.