Status
Not open for further replies.

Subnet Masks | Router Ports | IP Ranges | Etc...

4K views 10 replies 4 participants last post by  Wand3r3r 
#1 ·
I am using a Westell Model 6100 Proline wired router.

The router has two connection plugins:
- one plugin connection to the telephone outside line (simple), and
- one plugin connection that I have plugged into the ISDN modem that came out with old Compaq machine.

Over the past 10 years, I have used only the Dialup modem, so this router business is very new to me.

The router installation went pretty well, but I soon found that it had an internal firewall that allows for custom settings to be made. After setting the firewall to much stricter levels and setting it to LOG all Inbound connection attempts, I soon found that there were MANY MANY different people (computers) from around the world (mostly China) trying to connect to my computer, even when there was NO web activity coming from my end.

After experimenting around with the router firewall settings, I found that I WAS able to block ALL Inbound traffic, on all ports from Port 0 to 65535 and was still able to connect to any website.

Later, I began to experiment with blocking as many Outbound ports as possible. With all Outbound ports blocked, from port 0 to 65535 (except port 80), I have still been able to do pretty much the same as before, but occasionally I do have to reload a web page (seldom). These settings I have applied for both TCP & UDP.

I normally always shut down my computer at the end of the day, disconnect the router from the internet & unplug the power to it. On restarting the next day, I can first plug in the power to the router, then immediately turn on the computer (remember this is the Win 98SE startup time added in), and everything always works fine, with no problems connecting to the router & then to the internet that I have found.

The problem with the extremely strict router firewall settings that I have is this:
if I need to Restart my computer for any variety of reasons (remember this is Win 98Se), the router will not recognize and connect up to the computer after the restart. On my "TCPview" program (Sysinternals.com-Russinovich...) I get the standard link local IP address that comes up when there is no connection to the router. I think it's something that starts with 169.xxx.xxx.xxx.

If I shut the computer down completely and power down the router, as in a cold restart, everything works just fine as before and the router assigns the same 192.168.1.10 address to the computer as always.

One of the first things I have tried is to allow the lower port range between the router & my computer with the following custom rules I created on the ALLOW page:

Rule Name (This is the Firewall ALLOW RULES page):
HAL_UDP show details
Protocol UDP
Source IP 192.168.1.10 (the router always assigns this IP # to my computer)
Source Netmask 255.255.255.255 (I have NO IDEA how to set this)
Source Port Range 0 : 1024 (this is my guess at the port range)
Destination IP 192.168.1.1 (this is the router's IP address)
Destination Netmask 255.255.255.255 (I have NO IDEA how to set this)
Destination Port Range 0 : 1024 (this is my guess at the port range)
Mode Log
Direction Both
delete hide details modify
--------------------------------------------------

HAL_TCP show details
Protocol TCP
Source IP 192.168.1.10 (the router always assigns this IP # to my computer)
Source Netmask 255.255.255.255 (I have NO IDEA how to set this)
Source Port Range 0 : 1024 (this is my guess at the port range)
Destination IP 192.168.1.1 (this is the router's IP address)
Destination Netmask 255.255.255.255 (I have NO IDEA how to set this)
Destination Port Range 0 : 1024 (this is my guess at the port range)
Mode Log
Direction Both
delete hide details modify
--------------------------------------------------
Basically I want to only allow communication between my computer & the router (to the web of course), with only the least possible ports open & IP address range necessary between them.
Is/are there any particular port(s) that need to be left open, such as UDP: 137-138 & TCP: 137-139 ??? I had also read somewhere that there was something about DNS lookup on Port 53 (I think?).
Even without the above ALLOW rules in place, I can still connect to the web (with port 80 only left open on the DENY page on the Outbound traffic).
--------------------------------------------------


Another one of the things that I have been experimenting with is the Network Settings in the Control Panel on My Computer:
Start>Settings>Control Panel>Network>Configuration Tab>TCP/IP Properties>IP Address tab, with the following two radio button options:

- obtain an IP address automatically (previously setting before I began experimenting)
- specify an IP address (this is where I thought I might get some results)

Specify An IP Address:
192.168.1.10 (I tried the number normally assigned by the router)
Subnet Mask:
xxx.xxx.xxx.xxx (I have no Idea what this is or what to input here!)
--------------------------------------

At first I tried the IP address that is automatically assigned by the router to the computer on startup:
192.168.1.10 (this is the standard assignment from the router to the one computer connected to it), but I have been unable to figure out (Again) what to input to the Subnet Mask. Any Ideas????
-------------------------------------

I did find a page on the web that had a subnet calculator:
SubnetOnline.com - SubnetMask Calculator

...but it asks for IP address ranges to input into the calculator:
"Please give me your last IP address in your range (i.e. 192.168.91.254) : "
"Please give me your first IP address in your range (i.e. 192.168.90.1) :"

& every guess I have made so far as to what that is has returned only the inability to get onto the web, but in every case I was able to communicate with the router.

If there are any gurus here on this subject, I would greatly appreciate any input. If not, then could someone direct me to a website where I can learn about this stuff, as long as it's not Wikipedia (been there & several other places). Maybe some remedial web site made for IP dummies or something. I intend to continue until I learn this stuff, however long it takes......Thanks.....
 
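Added example (not part of the thread, and not Westell's code): a small matcher for the HAL_UDP rule as posted in #1, showing what a 255.255.255.255 netmask selects and how a first/last IP range maps to a mask. It assumes the usual semantics (an address matches when it equals the rule IP on the bits set in the netmask, and port ranges are inclusive); the packets are constructed samples, and whether this router applies its rules to LAN-side DHCP is not established in the thread.

```python
import ipaddress

def ip(s):
    return int(ipaddress.IPv4Address(s))

# HAL_UDP allow rule, fields copied from post #1.
HAL_UDP = {"proto": "UDP",
           "src": ("192.168.1.10", "255.255.255.255"), "sports": (0, 1024),
           "dst": ("192.168.1.1", "255.255.255.255"), "dports": (0, 1024)}

def addr_match(addr, rule_ip, mask):
    # Assumed semantics: only the bits set in the netmask are compared.
    m = ip(mask)
    return ip(addr) & m == ip(rule_ip) & m

def rule_matches(rule, proto, src, sport, dst, dport):
    return (proto == rule["proto"]
            and addr_match(src, *rule["src"])
            and addr_match(dst, *rule["dst"])
            and rule["sports"][0] <= sport <= rule["sports"][1]
            and rule["dports"][0] <= dport <= rule["dports"][1])

def hosts_covered(rule_ip, mask):
    # How many addresses an (IP, netmask) pair selects.
    return ipaddress.IPv4Network(f"{rule_ip}/{mask}", strict=False).num_addresses

def mask_for_range(first, last):
    # Smallest netmask whose network holds both ends of a range,
    # i.e. what a first-IP/last-IP subnet calculator works out.
    prefix = 32 - (ip(first) ^ ip(last)).bit_length()
    return str(ipaddress.IPv4Network((ip(first), prefix), strict=False).netmask)

# Constructed sample packets (not captured traffic).
PACKETS = {
    "dns_low_sport": ("UDP", "192.168.1.10", 1024, "192.168.1.1", 53),
    "dns_ephemeral": ("UDP", "192.168.1.10", 1025, "192.168.1.1", 53),
    "dhcp_discover": ("UDP", "0.0.0.0", 68, "255.255.255.255", 67),
}

def evaluate(rule=HAL_UDP):
    return {name: rule_matches(rule, *pkt) for name, pkt in PACKETS.items()}

if __name__ == "__main__":
    print(evaluate())
    print(hosts_covered("192.168.1.10", "255.255.255.255"),
          hosts_covered("192.168.1.10", "255.255.255.0"))
    print(mask_for_range("192.168.90.1", "192.168.91.254"))
```

Under these assumptions the rule covers exactly one source host, misses a lookup sent from a source port above 1024, and misses a DHCP discover, which a client without an address sends from 0.0.0.0 port 68 to 255.255.255.255 port 67.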
#2 ·
If you want to learn this stuff I would suggest you go Cisco [not linksys] like get a PIX.

Not much sense in learning an IOS [router software] that appears old and obsolete. That model goes for under $15 on ebay.

You would want to start your studies with a book on routing so you understand what a subnet mask, etc is about.
 
#7 ·
If you really want to learn about subnet masks etc. then I would suggest you buy CompTIA Network+ by Todd Lammle (Sybex) and CompTIA Network+ 4th edition by Mike Meyers. They will explain all this in simple terms for you and you could end up with a qualification if you take the exam related to them.

If you can do binary math then you can subnet, although subnetting can make your brain into Swiss cheese before you really understand it.
 
#8 ·
Thanks again everyone.

I want to add in that I got a response from the What Is My IP Forum - Powered by vBulletin guy & was told to enter in the Start>Run> cmd box:

"ipconfig /all" (without the quotes (for anyone that's a novice like me))

..and this would give all sorts of good info on the internet connection. The information I got here mirrors exactly what I have tested for over the last few hours.

Note:
I had to use the MS/DOS prompt for running old MS/DOS games, etc. in Windows mode to get the IPCONFIG / ALL to work.

PS.
I know that my system is considered obsolete and all, but I am working on this more for nostalgia/antique reasons. However I am also making some improvements in security for obvious reasons.
 
#9 · (Edited)
There are various commands that you can use to check what your IP is, whether your computer is talking to the modem or router, and whether it is connecting to the internet correctly.

ipconfig - you know this
ping then add a website address - this tells you if your computer can reach the website
tracert then add a website - this shows you how the system reaches that website and all the routers it goes through to get there.
ping 127.0.1.0 this tells you if your computer is talking to the router and router is talking back to the system.
 
#10 ·
Thanks greenbrucelee,

One of the main reasons that I am wanting to make the most of the router's firewall is that the old machine that I am running this OS on has an old Intel Celeron processor (500mhz), with a maximum RAM of 256MB. Running a big software firewall is about all this particular machine would be able to handle in terms of software programs running at any given time.

I actually was sent the router from the Phone Company ISP last year after going from dialup to ADSL & I assume that it is pretty modern. It's actually very modern hardware considering the machine that I am running. Compared to the old dialup modem with 56k-v90 (6kb/sec max download speed), ADSL on a wire router really does more than I could have ever hoped for.

As a side note:
I am presently looking to move my original, purchased, licensed, Win98SE OS to a newer machine sometime soon. The newer machine is an HP (circa 2003) with a 2.7ghz processor & the RAM capability goes sky high. I tried a test version of Win98SE on this machine & it ran like greased lightning because the old OS is so much smaller than the NT-XP OS it was originally designed for. Also, I tried every trick I knew to make it crash & couldn't make it happen under any circumstances! There are still some developers working on improving this OS also. I'll probably be posting a few questions on the Windows ME/98 forum in the future for any hints...

Thanks again.....
 
#11 ·
"ping 127.0.1.0 this tells you if your computer is talking to the router and router is talking back to the system. "

Loopback ip is 127.0.0.1 and a ping of it only tests the local tcp/ip stack and nothing else. Test never hits the cable.

Win98user, if you have the router's manual, it should have some example pages on how to configure the firewall settings. Best of luck.
 