Skip to main content

Optional: Enable Remote Device Filtering

If your modem is performing NAT, or you are using other equipment for your network gateway, it is essential to turn on DMZ or Port Forwarding on the gateway to the DrawBridge WAN/External interface IP address to enable Remote Device access.

Required Remote Device Ports

PortProtocolServiceAccessible FromNotes
1525TCPPACAll IP's/EverywhereProxy PAC (HTTPS)
6502TCPRedwoodAll IP's/EverywhereProxy PAC (HTTP)
25000-29000TCPRedwoodAll IP's/EverywherePer-device authentication

Implementation

The ports above must be open in the ClearOS Incoming Firewall. The following sections assume that has been done.

Installation Type A:

DrawBridge Gateway situations

  • Fiber and Cable modems: We recommend you use DMZ on the modem for the IP address the DrawBridge is using for its WAN interface. Note that you'll need to ensure the WAN interface IP addresaddress doesn't change, either by configuring the interface on the DrawBridge to a static IP ORor by configuring a DHCP reservation for the IP address in the modem DHCP settings.
  • DSL modems: We recommend you use port-forwarding on the modem for the IP address the DrawBridge is using for its WAN interface. (DMZ is usually unreliable on DSL modems for some unknown reason.) SeeConfigure Appendixthe 1Port belowForwarding forin port-forwardingthe information.modem per the Required Remote Device Ports list, above.
  • Fixed Wireless: Either DMZ or port forwarding will work. Usually you'll need to contact your fixed wireless provider to have them set up these features for you. SeeHave Appendixthem 1forward belowthe forports port-forwardingin information.
    • their
  • Whenequipment thisper isthe complete,Required proceedRemote toDevice StepPorts 5.list, above.

FAQ: Why aren't you recommending Bridge mode? You're recommending Double-NAT!

Yes. The reason is that most Internet Service Providers lose access to the diagnostic functionality on their equipment when it is in Bridge Mode. If you call them up about an issue, they'll simply have you reset the modem, which may "fix" an issue, but hide the root cause (such as recurring timing errors on cable networks, etc).

This Double-NAT configuration method works well, despite not following the typical recommended industry "best practices". If you wish to use Bridge mode instead, you are certainly welcome to do so.

Installation Types B and C:

DrawBridge non-gateway situations (other equip at actual gateway)

  • Configure port forwarding on your gateway equipment (per the informationRequired inRemote AppendixDevice 1Ports below)info, above) to the DrawBridge WAN/External network interface IP address.
WARNING:

For Installation types B and C, Do Not place the DrawBridge in a DMZ, as this will leave the DrawBridge unprotected from incoming threats!

Back to top