Welcome to the new FlexRadio Community! Please review the new Community Rules and other important new Community information on the Message Board.
If you are having a problem, please refer to the product documentation or check the Help Center for known solutions.
Need technical support from FlexRadio? It's as simple as Creating a HelpDesk ticket.

Port Forwarding with two Radios

Steve K9ZW
Steve K9ZW Member ✭✭✭
edited June 2020 in SmartSDR for Windows
What is the best practice for assigning port pairs and port forwarding if you will have more than one Flex-6000 on your network?

Looking through the community the best I can find is from Tim three years back:

The radio uses 4994/tcp and 4993/upd.  You can do a translational port forward, for example, define tcp port 21000 on the firewall to map to port 4994/tcp on the radio and define udp port 22000 on the firewall to map to port 4993/udp on the radio.

Or you can do a 1:1 translation where you define tcp port 4992 on the firewall to map to port 4992/tcp on the radio and define udp port 4993 on the firewall to map to port 4993/udp on the radio.

Can each radio use the same port pairs - say port pairs TCP 4994 - 4994 and UDP 4993-4993 (external to internal as configured in SmartLink and in your port forwarding at your router)

For example if you had two Flex-6700s on your network, one set up to work through transverters and the other your HF radio can you do:

Radio #1 Network IP 192.168.0.10 using port pairs TCP 4994 - 4994 and UDP 4993-4993 
Radio #2 Network IP 192.168.0.11 using port pairs TCP 4994 - 4994 and UDP 4993-4993

Or is should you use:

Radio #1 Network IP 192.168.0.10 using port pairs TCP 4994 - 4994 and UDP 4993-4993 
Radio #2 Network IP 192.168.0.11 using port pairs TCP 4996 - 4994 and UDP 4995-4993

If your should use unique ports is that a necessity (you need to) or best-practice (you're better off to)?

Thank you and 73

Steve
K9ZW

 

Answers

  • K1VL
    K1VL Member ✭✭
    edited May 2020
    I have not operated two Flexradios remotely from the same LAN via port forwarding but I have done a lot of port forwarding in general.  I am assuming you have a single external IP address that needs to be shared by multiple internal "hosts" (the radios in this case). The translated ports on the external (Internet facing) interface need to be unique otherwise the response from the remote client will not be routed to the proper internal LAN IP. Just pick unique external ports ports for each radio. You need to translate the ports in addition to the IP's. The external ports cannot overlap for each radio. 
  • David Decoons, wo2x
    David Decoons, wo2x Member, Super Elmer Moderator
    edited June 2020
    Hi Steve,

    You would need unique ports for each radio steered to that radio's LAN IP.

    Example.  I have the following for a radio with LAN IP of 10.4.0.245. Below these settings would be what I would have in the router for a second radio on IP of 10.4.0.246. I use DHCP reservation by MAC address in the router to maintain the radio's LAN IP.

    Radio 1 LAN IP 10.4.0.245
    Router port forwarding
    External port 21000  Internal port 4994  LAN IP 10.4.0.245 Protocol TCP
    External port 22000  Internal port 4993  LAN IP 10.4.0.245 Protocol UDP

    Radio 2 LAN IP 10.4.0.246
    Router port forwarding
    External port 21001  Internal port 4994  LAN IP 10.4.0.246 Protocol TCP
    External port 22001  Internal port 4993  LAN IP 10.4.0.246 Protocol UDP

    Don't forget to manually assign the ports in the radio SmartLink setup. From the radio chooser highlight the radio to be configured, click SmartLink Setup, then click the down arrow to the left of the word Networking. Here is a screenshot of radio 1's network entry.

    73
    Dave wo2x



  • Mike-VA3MW
    Mike-VA3MW Administrator, FlexRadio Employee, Community Manager, Super Elmer, Moderator admin
    edited May 2020
    What Dave said.  You can have as many Flex radios on SmartLink behind your router as you like.  The only key part is that WAN side ports are unique.  What that means is they are not in use by ANYTHING else.  

    I have 2.  This is what it looks like on the Router.

    image
  • Erika - KØDD
    Erika - KØDD Member ✭✭✭
    edited May 2020
    Very good Sexy Flexy...  That's what I'd do also...  PLus everything on my network has MAC address DHCP reservations only also...  I have only one or two extra IP addresses configured in the pool just in case we bring something new into the house is all. Everything else is assigned to an item including the smart TVs, Radar Range and Smart Dishwasher... Just kidding about the Radar Range.  Look those up, ha.

    Also if an IP spoofer tries spoofing their way into the router and getting access they'd need the correct MAC spoofed ALSO. Kinda tough to guess that game from across the planet...   Always do manual port forwarding if you can...  The effort up front is well worth the result over time.

    Leaving it automatic is an open door for hackers to snoop around with port sniffers.  They are going to try that anyway... 

    This was the issue with the raft of foreigners connecting and trying to log into radios in the last few years.  Make it so they don't have an easy time of it.  OH one more thing....  There is a common list out there of PORT PAIRS on the internet.  Make darn sure the external port pairs you select are NOT being used for things like (example)  World of Warcraft comm links and other silly things.  Just like Mac Addresses all being an individualized serial number, there's groups of Port combos out there THAT ARE WELL UTILIZED only for various applications...  find out exactly what they are.  Have fun this is not all that tough, just detail work and sort of understanding what things are for...  Erika DD
  • Mike-VA3MW
    Mike-VA3MW Administrator, FlexRadio Employee, Community Manager, Super Elmer, Moderator admin
    edited May 2020
    Hi Erika

    All excellent points and I could not agree more that turning off uPNP and doing it manually is very good practice.  

    The challenge that our support team has to deal with is that about 90% of our customers have no idea what you said.  :)   I wish I was making that up, but it is very true.  They do not have the experience in advanced networking such as this. 

    We spend a lot of time helping customers with network issues, port fowards, double NAT issues or ISP's who do not provide a WAN address to their router.  We also spend a lot of time undoing what they attempted to do and really busted things.

    We will always recommend to leave uPNP on and leave DHCP turned on for the radio assignment, but that is from a supportability perspective as it just works 99% of the time.  

    Mike 

Leave a Comment

Rich Text Editor. To edit a paragraph's style, hit tab to get to the paragraph menu. From there you will be able to pick one style. Nothing defaults to paragraph. An inline formatting menu will show up when you select text. Hit tab to get into that menu. Some elements, such as rich link embeds, images, loading indicators, and error messages may get inserted into the editor. You may navigate to these using the arrow keys inside of the editor and delete them with the delete or backspace key.