- Windows 2000 Port Forwarding: How to Put Your Mail Server Behind Your Firewall
- Port Forwarding: Step by Step
Port Forwarding: Step by Step
Windows 2000 port forwarding is set up through the Internet Sharing Connection Wizardwhich makes sense.
Enable Internet Connection Sharing
If you haven't done so already, you'll need to enable Internet Connection Sharingthis allows your multi-homed server to manage Internet connections for the computers inside your network. Your server will have two network cards: one connected to the outside world, and the other connected to the inside world. In this example, the outside card has an IP address of 126.96.36.199 and the inside card an address of 192.168.0.1. The 192.168.x.x subnet is a "test" subnet, invalid on the Internet.
To enable Internet Connection Sharing between your two networks, right-click your outside Internet connection, select Properties, and then select Sharing (see Figure 2). Check the box labeled Enable Internet Connection Sharing for This Connection (see Figure 3). Select your internal network in the box below (labeled For Local Network).
Figure 2 Selecting the connection you want to change.
Figure 3 Enabling Internet connection sharing.
Select the Services to Forward
Now, forwarding a port on your server to an individual computer within your inside network is as simple as clicking the Settings button.
A number of the standard portsfor mail or FTP, for exampleare provided by default, in the likely assumption that you may want to put a mail or FTP server behind your firewall and still be able to access it directly. If this is your goal, select the appropriate service and click Edit. In our case, however, we want to be able to Telnet to our Cray, which isn't listed, so we'll have to add a new service. Click the Add button.
Select a Port and a Destination Machine
If you're adding a service, give it a name and a port number. Then select either TCP or UDP, based on the protocol that the service will use. Finally, enter the internal IP address of the target computer. In this case, we created a new service called "cray" and assigned it port number 4020 on our Windows 2000 server, and told the server that port 4020 forwards to port 4020 on the computer with the internal IP address of 192.168.100.207, our Cray.
Now, from outside the network, you can type the following to log onto the Cray:
And then play Hunt the Wumpus until your fingers bleed.