>"Dan Langille" <dan.langille@dvl-software.com> wrote:
>> When the installers put in my pinholes, they did something I think is
>> wrong.
>>
>> They mapped 80,81,TCP,192.168.1.1,80
>>
>> In fact, for each pinhole, they mapped two ports onto one port. I don't

>> think that's what I want. So I removed them.
>
>Hmmm, well, that many-to-one mapping is sort of efficient, but not
>particularly effective, sure, you can now hand out wierd URLs with explicit

>ports, but why?
>
>> That's when I got the following error when adding things back in. Now, I

>> think it's trying to tell me that I can't change port 80 because I'm
>> already using port 80. So I tried the Telnet interface. But I couldn't

>> figure out how to it from there either. You telnet to the M10
>> (192.168.1.254), user Telecom Pass Telecom. Then type view and you see:

>>
>> servers
>> web-http 80
>> telnet-tcp 23
>>
>> at the end. It's those values I need to change. But how?
>
>No, those values are independant of the pin-hole NAT, they tell the M10 what

>ports to respond to with what protocol. Ie, you could set up telnet on a
>different port... again, why?

I say they are the ones I need to change because of the error message I get
below:

>
>> Here's the error I get when trying to remap 80.
>>
>> configure
>>
>> Config Mode v1.0
>> (user-admin level privileges -- read/write)
>>
>>
>> WARNING: Other administrators are already in config
>> mode. Changes you make will affect them, and
>> vice versa. Leaving config mode and doing 'who'
>> is recommended.
>> Telecom Fast Access (top)>> set pinh item 7 external-port-start 80
>>
>> 7 has been added to the list
>>
>> Telecom Fast Access (top)>> set pinh item 7 external-port-end 80
>> Telecom Fast Access (top)>> set pinh item 7 protocol TCP
>> Telecom Fast Access (top)>> set pinh item 7 internal-ip 192.168.1.1
>> Telecom Fast Access (top)>> set pinh item 7 internal-port 80
>> Telecom Fast Access (top)>> save
>> WARNING: 'dns domain-name' is null, indicating no domain name is available.

>> WARNING: 'dns primary-address [0.0.0.0]' and 'dns secondary-address
>> [0.0.0.0]' indicates no nameserver is available.
>> ERROR:
>> Pinhole element 7 has conflict with internal
>> Web-TCP service 80,
>> Either change pinhole port or redirect Web Port.
>
>Here's the clue. Seems like in upgrading the software they have removed the

>ability to respond differently to port 80 requests on the Internal vs.
>External interface. Currently I can http to my M10 internally on port 80,

>external requests to port 80 are mapped through to my server. Now this is
not
>allowed? More wierd.

I concur.

>> Validation unsuccessful; cannot save current configuration.
>>
>> Telecom Fast Access (top)>> q
>>
>> Save modified configuration data [y|n] ? n
>
>Can you save it or does the error message just loop?

It loops.

--
Dan Langille - DVL Software Limited
The FreeBSD Diary -http://www.freebsddiary.com/freebsd/
To unsubscribe: send mail to majordomo@freebsddiary.cx
with "unsubscribe adsl" in the body of the message