Access point basics:
WAN=Wide Area Network, the outside world (a circle on the airport base stations)
LAN=Local Area Network (e.g. the inside)
Your access point will act as a router, connecting these two networks.
On the outside, your router will have a specific address, like 10.14.251.x
On the inside, it will create a set of addresses, in our case, 192.168.1.x
Computers on the inside (wired to the three ports, or wireless to your network) will get 192.168.1.x addresses, and see the router as their "gateway"
The DNS setting will be set on the outside, telling the access point who to ask for directory services (like a phone book)
Set the IP address to the address given on the board for your access point/router
The gateway will be 10.14.0.2
The DNS will be the same, or 10.9.250.13. You can also list 220.127.116.11 (google)
The netmask on the outside (WAN) will be 255.255.0.0, giving us 254x254 address possibilities.
Connect to your access point by wireless network, leaving the password the same.
Configure the WAN address, plug the WAN side into the elab network, check to see if your router is working.
Check your new wireless IP address, it should be something like 192.168.1.x.
Browse to some place on the outside, like www.apple.com
Check with speedtest.net or speedtest.dslreports.com
Make your network hidden
See "wireless options"
Block some person from using your access point as a router based on MAC address
See Network setup, "access control"
Setup inbound port mapping, using port 80 to some address specified.
Look for Network Settings, the lower box, add the address of the machine on the inside and the port (80 for web)
Browse from the elab side of the network to your access point WAN address, see if you get the web server on the inside. This is useful for games.
routers vs. gateways
apache web server startup
dhcp vs. static addresses
html basics: index.html is the default page on web servers
(later: much more on servers, ports, html and net neutrality)
Ports: computer "doors"
portscan: what doors are available
Port 80: default web server port
test on your network with 127.0.0.1 and your 10.14.8.x address
try with the 80 and without
use IPNM to test yours, and others
test 10.14.4.32-who is this? how could you find out? try dns 10.14.1.1
Airport extreme defaults to DHCP (dynamic host configuration protocol)
how is this different from static? why is it useful? where would I find it?
two sides to every gateway/router: the WAN side (wide area network=outside) and the LAN side (inside)
We will setup your routers to pass traffic from the HPA LAN (our WAN) to your private LAN (192.168.1.x). This means only YOUR computer, not the shared switch on your desktop. Why?
How will you know it is working?
See previous weblog for router setup notes, as well as the wiki here:
"DHCP wired" location, wireless disabled, can you browse the web?
Look at the settings the router gave you...
Your mind is probably constructing network diagrams, try writing these down. It's what I use to fall asleep at times...
Try now with a static address (static and DHCP can co-exist, but you can only have one DHCP server on the LAN)
Try either a 192.168.1.x address (your crossover network setting)
You will have to make sure the router is giving out addresses on the 192.168.1.x network.
NAT and Port forwarding (also known as inbound port mapping).
NAT: your computer uses the router to translate your address into a web request to the server, which then passes the response back to you, Network address translation (NAT)
Port forwarding/inbound port mapping: calls to the outside WAN side of the router are passed to some FIXED address on the LAN.
You have to have a fixed address on the LAN for the router to know who to send the packet to.
Test this on your private network with your apache web server.
Play around with this in the class, looking for others' routers, and your web server
You can also look under Utilities for Activity monitor, it should show folks looking at your web page
If you are really curious, you can go to console and see who exactly is looking at your web pages...
(look into the tail -f command for future reference)
Next steps: port forward 548, 22 and others...what do you see?
How could this be useful at your home/dorm?