Windows file sharing & port forward

Discussion in 'Tomato Firmware' started by acracker, Apr 12, 2008.

  1. acracker

    acracker Addicted to LI Member

    I'm using tomato V 1.17 on a Linksys WRT54GL. I have a windows computer (IP: sharing a folder and that is connected to the router. I can access the shared file from within the network on my other computer, but I can't access it from the internet. The picture below show my configuration for port forwarding. Am I doing something wrong?


  2. NickJH

    NickJH Network Guru Member

    Are you running the Windoze firewall on your home PC? Are you trying to browse the PC by IP address or My Network Neighbourhood. Are the 2 PC's in the same Workgroup? Is the PC in the "internet" directly connected to the internet or is it behind a router?
  3. venture

    venture Addicted to LI Member

    I'm not sure if I'm understanding your question, but here are two links I used to get myself a setup with remote desktop over the internet (which I usually leave off anyway):

    Link 1

    Link 2

    After that, I just had to forward the port I set up (per the first link) to the computer I wanted to control remotely.
  4. NickJH

    NickJH Network Guru Member

    I am not sure what remote desktop has to do with file sharing.

    Firstly, if you are opening the four port to the internet as you have done, your PC will be open to anyone on the internet which is not the most secure thing to do.

    About my questions:
    1 - Are you running the Windoze firewall on your home PC? If you are, you will not be able to browse files on it using My Network Neighbourhood (in windoze explorer). Alos you will need to change the scope of the firewall rules to include your internet PC's internet IP.

    2 - See 1 about My Network Neighbourhood. The alternative is to browse by UNC e.g. Start, Run, \\111.222.333.444\sharename.

    3 - If you are nor running the windoze firewall and are trying to browse by My Network Neighbourhood, both PC's must be in the same workgroup (My Computer, Properties, Computer Name)

    4 - It is even more complicated if the internet PC is behind a router.

    At the end of the day, plain opening up file sharing to the internet is downright dangerous and you should really investigate a VPN option either software, hardware mixed or third party (such as logmein)
  5. venture

    venture Addicted to LI Member

    Doh! Yeah, I have remote connection on the brain after spending way too much time getting it set up the other night. Forget everything I said . . .
  6. acracker

    acracker Addicted to LI Member

    Thanks for the replies. As I mentioned before, I am able to browse the shared folder from another computer inside the network. This means that the windows firewall is not blocking the connections. Also, I don't browse the computers in Network Neighborhood, I just map network drives directly. Third, the folder I am sharing on the windows computer needs a username and password to access it, so I'm not worried about opening that port to the internet. The pc I am trying to access the share from is not behind a router and is directly connected to the internet. From all of these deductions, the problem has to lie with the tomato router. I know I configured a D-Link router to open up the same ports and I was able to browse my shared folder with no problems.

    Thanks for your help so far
  7. NickJH

    NickJH Network Guru Member

    I won't give up on the PC set up yet (I do not yet have a router with Tomato so I can't really give advice on it for the moment). By default the Windoze firewall only allows sharing on the local subnet. Have you changed the scope of the four ports in the windoze firewall to something other than default - either any, or specified IP's/Ranges/Subnets?
  8. acracker

    acracker Addicted to LI Member

    You were right! Thanks for not giving up on the windows firewall idea. I was used to XP's simple firewall but Vista has a much more complicated one that has 3 systems of rules for every service running. I had to change the scope of all file and printer settings under the Private profile to allow incoming connections from all remote IP addresses. Now I can browse the folder from the remote computer. Thanks again!
  9. kevanj

    kevanj LI Guru Member

    acracker said "Now I can browse the folder from the remote computer."

    And it's very likely anyone else on the internet can you really understand the security implications of what you have done?
  10. acracker

    acracker Addicted to LI Member

    Yah I keep hearing all this bad stuff about "What I have done" and all, why is it so bad? As I said before, you need a username and password to even access the folder so what is the big security problem?
  11. nvtweak

    nvtweak LI Guru Member

    Because someone can likely still access your shares with null sessions and other easy hacker tricks. Not to mention zero-day attacks which leave your computer vulnerable to anyone or anything (e.g. worm), password or not it doesn't really matter these days.

    You're way better off setting up a VPN or SSH tunnel using public key encryption.
  12. acracker

    acracker Addicted to LI Member

    Ok, could you point me in the right direction to setup an un-hackable share in the methods you've mentioned?

    Thanks for the help so far.
  13. kevanj

    kevanj LI Guru Member

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice