PDA

View Full Version : It Just Won't Work !!



vader11
08-08-2003, 09:53 PM
ok, I know off the bat this is the wrong forum, but I'm posting here because this is where all the smarts guys hang out. My
problem is accessing TivoWeb from a remote computer. I can access it locally over my LAN, but not from outside. Currently I am running a linksys router and a external adsl modem, the modem uses a dynamic IP and does the PPPoE authentification itself. I'm confused as to how to get all the forwarding correct.
Please help if you can....these are the number from within the STATUS menu of the router.

LAN:
IP Address 192.168.1.1
DHCP server :Enabled

WAN:
IP Address 172.16.*.**
Default Gateway 172.16.*.***
DNS 172.16.*.***

How in the blue hell do I set up this port forwarding stuff....for the moment I'm not too concerned about the security...small steps here first....unless you guys can point me to something that isn't too complicated.

Thanks

Tim

Terono
08-08-2003, 10:47 PM
basically you first have to login to your linksys router from one of the local computers on your network. So http://192.168.1.1
the default login info for linksys is no username and password would be "admin"

From the web interface for the router you can pick

Advanced --> Forwarding

This would be where you can setup forwards to different ports..

My guess would be for tivoweb you can open up Ext Port 80 to 80 Protocol TCP and Protocol UDP should be checked

IP address would be the your tivo address that you use to access it within your network 192.168.1.whatever

Openning up like this would allow people to access your tivoweb remotely, this could be hazardous. But as you mentioned you are not worried about security for the time being.

You mentioned that your ip is dynamic. You can use a free service like http://www.no-ip.com that will asstablish your IP address to a URL that will change with your IP changes.

vader11
08-08-2003, 11:01 PM
ok, I pretty much had that part figured out, what is confusing me is, let's say you wanted to log into my tivo from your house....what would you type in your address bar ?

Terono
08-08-2003, 11:25 PM
You mentioned you can access tivoweb from your local network in your original posting. On the internal side of your network you can type in the 192.168.1.whatever_it_is address for your tivo.

Outside (like if I wanted to access YOUR tivo) you would have to use the public address IP for your connection http://172.16.*.**

http://www.no-ip.com - will take the 172.16.*.** address and translate it to a URL what will change with changes to your IP. In order to do this you run a piece of software on one of your computers inside your network that communicates with no-ip.com and tells them about any changes to your IP.

devnull
08-09-2003, 06:42 PM
Most people don't realize this, but the form of the address is:

<protocol>://<host>:<port>/<path>

Where port is often left out because all protocols have default ports. Http's is 80.

In this case, your address line will be:

http://<WAN IP>

where the default port (80) is used for http. Having turned on port forwarding in your router, every access to port 80 that comes from the internet will now be forwarded to your Tivo. A very scary notion, indeed.

Note that just like there are newby hackers who use tools created by the few experts for a Tivo, there exists a similar hierarchy in all hacker communities. Popular and easy hacks get cookedbooked and distributed for the newbies to play around with. The best thing to do is to stay away from standard ports like the ones used by telnet, ftp, http, etc. These are the most likely to be exploited.

gary

btw - if you ever want to keep up on the latest vulnerabilities, check you router logs and see what ports are getting probed. Do a google search on these ports and you'll find out that they belong to the latest M$oft app that was just exploited. :-)

TheWickedPriest
08-09-2003, 06:59 PM
Originally posted by devnull
Most people don't realize this, but the form of the address is:

<protocol>://<host>/<path>:<port>


<protocol>://<host>:<port>/<path>

devnull
08-10-2003, 12:52 PM
D'oh! You're right. I've fixed the original post.

gary

tryingtogetby
09-07-2003, 03:41 PM
Hi guys,

I am a newbie as well. Much like Vader, I cannot seem to access my Dtivo over the web. I have a Netgeear router and my internal ips start at 10.10.... When I go to access the Dtivo unit using http://mywanip:80 I can only get to the router web page. I have forwarded the correct ports to my Dtivo. I can access Tivoweb internally, but not if I type my wanip:80. Does the internal addressing have to be 192.168... for tivoweb to see and respond? I wouldn't think so since I can get at it internally. Any thoughts? Thanks in advance.

ttgb

devnull
09-08-2003, 11:51 PM
I'd try changing the port forwarded by the router to something other than 80. Because it's serving up the web admin page to the outside world at 80, what you want to do is getting preempted.

Several different ways to get around the problem:
1. Have requests that come in on port X be forwarded to tivo IP port Y. So http://wan_ip:8000 goes to tivo_ip:80
2. See if you can turn off administration from the WAN side in the hopes that port 80 will now be fowarded to the tivo.
3. Forward a different port to the tivo and set up tivoweb to listen to that port. So http://wan_ip:8000 goes to tivo_ip:8000

gary

Juppers
09-09-2003, 01:29 AM
If your IP really is 172.16.xxx.xxx, then it won't work. Your ISP is NATing you. 172.16 is non-routable address space. I would suggest you call your ISP and see if they offer real IPs.