General Networking/Lan/Wan/Testing a new router

Advertisement


Question
Hi Jeff.

I'm not sure if this is even possible, but I'll ask.

Basically I wanted to ask if it was possible to test if I had one-to-one NAT setup correctly on a new router (mapping a public IP to a private ip) without it being connected to the internet.

I didn't want to shut down my internet (since it will be in use) and thought it would be nice if somehow I could set things up with the PC's I have so I could test the routers NAT configuration without it actually being on the Internet.

I figure it probably isn't possible, but I thought I would ask.

I wanted to test an FTP client and type in a 'public' IP address and see if it goes to my new router on the LAN (I think they sometimes call this hairpin NAT) where you access a FTP server on the LAN which is behind your router via it's external IP address.

Thanks
John

Answer
Hi John,

>> I wanted to test an FTP client and type in a 'public' IP address and see if it goes to my new router on the LAN (I think they sometimes call this hairpin NAT) where you access a FTP server on the LAN which is behind your router via it's external IP address.

I understand completely, but you are slightly mixing up what you WANT, with an EASY way to TEST it out.  It happens  :-)  Technically, what you suggest is do-able but a PAIN - since your ISP probably gives you only 1 IP - so you can't do it and keep your router up and the same time.

So, let's focus on what you want to accomplish, instead of the way that you feel that you wish to try it out, ok?

Basically, you can configure your firewall to allow an inbound FTP only connection, or just use a DMZ rule (easier still).  So start with the latter.  Look inside your router GUI.  It'll either be in the firewall or DMZ section.  You should be able to configure one IP to be your "DMZ".  Essentially, inbound connections will be allowed to pass through the firewall to that specific IP address (so it's best to manually hard set that PC).  Depending on your router, it might be "allow all inbound to that IP" or it might be more configurable.

So just set that up - it won't take long.  And then just test it out from any PC on the Internet.  If you are close enough, you might be able to use the wireless from a neighbor's house with a PC in your house to test everything.  Otherwise, your laptop at a neighbors house will do the trick.

Note: Your ISP probably allows you to have some file storage as part of your connection on THEIR FTP server.  so you might use that instead, and maintain your security more fully.

I hope this helps!  Thanks!

J.

General Networking/Lan/Wan

All Answers


Answers by Expert:


Ask Experts

Volunteer


Jeff K

Expertise

I'm a Network and Application Performance Specialist, and have worked for some of the best software companies in the world.

Experience

I have over 20 years in Information Technology & Networking.

Education/Credentials
Lots of hard work, study and real-world experience. I've had some formal training along the way but most of my knowledge is from working in the field, not the classroom.

©2017 About.com. All rights reserved.