15 October 2008

How To Do NAT/Port Forwarding On IPCOP.


The process is fairly simple. You choose IP Public that want to be NAT-ed on 'ALIAS IP' and fill out both Source and Destination Port. For example, if you want to forward http request from outside, choose TCP protocol, pick IP Public on Alias drop down box, and finally put '80' on both Source and Destination port.

IPCOP supports many IP Public attached on single RED interface, just declare them on 'Aliases' page. For each, you can port forward virtually anything from one interface page. However, IPCOP does not support multiple WANs, and likely to be implemented soon. Here are example for Aliases:


Usually, your ISP gives you one IP if you're using normal broadband connection. But those who have more than 1 static IP, you can assign them here. Declare your IP on 'Alias IP' text box and give it proper name e.g: mail.xyz.com on 'Name' textbox. Name declared should match given from your ISP, although it's not mandatory but to avoid confusion. And no, you can't use your dynamic IP here. For Dynamic IP, there's feature on IPCOP called 'Dynamic DNS' but it's not a subject of this thread.

One thing, for port forwarding/NAT, you DON'T need to open port on External Access page, There's no need to. It was needed step on older IPCOP version, and affected ALL interfaces (RED, GREEN, BLUE, ORANGE) but today releases forbid you from doing so.

After you've done that, try ping your newly declared IP to check whether it's active or not. Don't close ICMP for all interfaces on Firewall Options page, it's unecessary. If you do so, you will be unable to ping your own IP Public, which is pretty absurd. Close ICMP for outside world only, and leave your LAN allowed.

Related links:

http://eternalblackzero.blogspot.com/2008/09/ipcop.html

http://eternalblackzero.blogspot.com/2008/09/adding-safari-on-adv-proxy-ipcop.html

http://eternalblackzero.blogspot.com/2008/09/how-to-ssh-ipcop.html

http://eternalblackzero.blogspot.com/2008/08/ipcop-vs-mikrotik.html

http://eternalblackzero.blogspot.com/2008/09/setting-up-ipcops-time-server.html

12 comments:

techniqueal t. said...

m not that familiar with port forwarding so this is truly an eye opener! will check out related links. thanks for sharing! ^_^

Adrian said...

"But those who have more than 1 static IP, you can assign them here."
Siska, you said that IPcop does not support multiple WAN? Then what we assign those IP there for?
And one more quick question, is it support bandwidth management? Like traffic shaping, bandwitdh burst etc? ^^

Fransiska Ike said...

Do not confuse WAN with IP Public. WAN <> IP Public. You can have many IP Public inside 1 WAN, not just one IP. Dedicated connection for corporate is the prime example. One WAN can have up to sixteen or even more IP.

IPCOP does support bandwith management. You just need to install separate add-ons since default IPCOP core still is too simple. Mikrotik does better job on this matter.

Adrian said...
This comment has been removed by the author.
Adrian said...

Hmmm... So IPCop is able to have one ISP which gave several IP Public, but couldn't handle multiple ISP for one network? If I want to have several ISP handled by IPCop, I need to buy a seperate load balancer, yes?
Yeap, Mikrotik is good indeed, but I need to buy for it, meanwhile IPcop is free :p

Anonymous said...

Hello There. I found your blog using msn. This
is a really well written article. I'll make sure to bookmark it and return to read more of your useful information. Thanks for the post. I will certainly comeback.

My website - jocuri online strategie gratuite

Anonymous said...

Link exchange is nothing else except it is simply placing the other person's web site link on your page at proper place and other person will also do similar in support of you.

my web page ... jocuri online pe bani

Anonymous said...

You can certainly see your expertise in the article you write.
The arena hopes for more passionate writers
like you who aren't afraid to mention how they believe. Always follow your heart.

Look at my web blog jocuri gradinarit online

Anonymous said...

It's a pity you don't have a donate button! I'd most certainly donate to this superb blog! I guess for now i'll settle for bookmarking and adding your RSS feed to
my Google account. I look forward to new updates and will share this website with my Facebook group.
Talk soon!

my page: jocuri online masini

China tours said...

Congratulations for this wonderful reading article. I found it very informative and interesting too, I think you are a brilliant writer. I have bookmarked your blog and will return in the future. I want to encourage you to continue that marvelous work, have a great daytime!I am a china tour lover,You can learn more: China travel packages | Asia tour packages | China city tour packages

Learn Chinese language on hanbridgemandarin said...

The best place to learn mandarin Chinese is in China. However, we understand that it isn't always possible to move here to study Chinese language. The next best thing is to study with our experienced teachers in a virtual classroom. Online students enjoy the same excellent way of Chinese Online Courses and custom designed courseware that we provide for our face to face clients.

Zheng junxai5 said...

2015-07-13 zhengjx
oakley sunglasses
cheap ray ban sunglasses
burberry outlet online
fitflops
longchamp outlet online
chanel bags
gucci sito ufficiale
chaussure louboutin pas cher
coach factory outlet
cheap ray bans
nike blazer pas cher
louboutin pas cher
beats by dre
michael kors outlet online
air force pas cher
burberry sale
coach factory
oakley outlet store
michael kors outlet
coach outlet store online
tory burch outlet online
coach outlet
michael kors purse
michael kors handbags
gucci bags
ray ban outlet
oakley store
christian louboutin shoes
michael kors handbags
michael kors outlet online
ray ban sunglasses uk
gucci borse
hollister outlet
burberry outlet
ralph lauren polo shirts
oakley sunglasses outlet
chanel handbags
oakley sunglasses wholesale
kate spade handbags
true religion outlet

Post a Comment

Feel free to comment here... ^^b Thank you for your time.