Set up Port Forwarding on your Router



Port forwarding is how you tell the router to relay requests from the internet to the Mac with the server.

There are two ways to do this. You can set up your Mac as a "DMZ", which forwards all ports to a single Mac that is then exposed to the entire internet, or you can forward individual ports.

Forwarding individual ports is more selective. It allows you to use more than one Mac as a server, and retains most of your router's inherent firewall protections.

On a LinkSys router, port forwarding is set up from the Advanced area's Forwarding screen. Just fill in a short description, the port range (if only one port, use the same number twice), and the local/private IP Address of the Mac with the server, and be sure to check the TCP and Enable boxes. Then click Update.

LinkSys Port Forward Screen

Apple's Airport admin utility has a Port Mapping screen (click "Show all Settings"). Just click the Add button, then fill in the port and the local/private IP Address of the Mac running the server. Apple lets you change the port number, though you usually won't want to, so fill in the same port number in both the Public and Private port fields.

Airport Port Mapping Screen

The IP Address 10.0.1.20 shown here is the static IP address I assigned to my Mac on the Airport network (see here.) Port 548 is the port for Apple's personal file sharing.

Other router brands use other terms for port forwarding. Netgear sensibly calls it Port Forwarding, under the Advanced sub-menu. D-Link routers use the Advanced Virtual Server screen to configure this feature. Belkin routers use the Virtual Server screen under the Firewall settings page. If you can't find it for your router, look up your router brand at this site.

Here's a list of some of the more common ports for other services you might want to set up:

Port                                    Service
548, 427                                Apple Personal File Sharing
139                                     Windows File Sharing
20-21 and 1025-65535                    FTP (read more about FTP ports)
80                                      Web server (HTTP)
443                                     Secure Web server (HTTPS)
3283                                    Apple Remote Desktop (check UDP, too.) (See Apple KBase Article)
6346                                    Gnutella file sharing
6881-6889                               BitTorrent file sharing
5060, 5190, 5297, 5298 and 16384-16403  iChat AV (See Apple KBase Article 93208)

Most of these are pre-configured and named in the Firewall tab of OS X's Sharing preference pane.

Apple lists all the ports used by OS X in this Knowledge Base Article. You can find ports for popular non-Mac applications (in case you have a PC on your LAN) at this site. You can find a complete list of internet port registrations at IANA.

Setting up a DMZ

If you really want, you can use a DMZ instead of forwarding only one port (or a group of ports).

You can designate one computer on your home network as a DMZ (DeMilitarized Zone, an odd reference to a system completely unprotected by the Router's inherent firewall and exposed to the internet.) This forwards all ports, UDP and TCP, to that single Mac. It can be used if you have only one Mac running a server on your LAN, and if you don't mind that it removes the firewall protections of your Router from that Mac.

On a LinkSys router, go to the Advanced settings and use the DMZ tab. Enter the local (private) IP Address you assigned to the server Mac.

Airport Port Mapping Screen

With the Apple Airport (Extreme) Base Station, you establish a DMZ host with the Airport Admin Utility: on the Airport tab, click the "WAN Privacy..." button, check the Enable Default Host box and enter the IP address of the Mac you want to use. (This is not available with old Airport Base Station firmware.)

Personally I much prefer forwarding individual ports to using a DMZ for the added security and flexibility. But, there's no denying this is easier to set up. If you do this, be sure to turn on the Mac OS X Firewall.

More than One Mac Server

If you have more than one Mac on your LAN running a server, and you want to allow access to both from the internet, you have another problem: Port Forwarding (and the DMZ) can only specify one Mac for any given port. So, how do you get at either Mac server?

You have to use a different external port for each server. How you change the port for the server on the Mac, and how you access different ports from the network client, depends on the service.

For example, you can change the port of your Mac OS X WebServer.
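
The one-Mac-per-port rule can be checked before you touch the router. The Python sketch below is an added example, not part of the original page: it reads a forwarding plan in a rule format invented here and reports every public port claimed by two rules. The second Mac at 10.0.1.21 and the rule names are assumptions.

```python
# Added example: find public-port collisions in a port-forwarding plan.
from typing import NamedTuple

class Rule(NamedTuple):
    name: str
    proto: str     # "tcp" or "udp"
    ext_lo: int    # first public port
    ext_hi: int    # last public port (equal to ext_lo for a single port)
    host: str      # private IP address of the Mac running the server
    int_port: int  # port on that Mac that ext_lo maps to

def parse_rule(line):
    """Parse 'name proto ext[-ext] host[:port]' (format invented for this example)."""
    name, proto, ext, target = line.split()
    lo, _, hi = ext.partition("-")
    host, _, int_port = target.partition(":")
    lo_i, hi_i = int(lo), int(hi or lo)
    if proto not in ("tcp", "udp") or not 1 <= lo_i <= hi_i <= 65535:
        raise ValueError(f"bad rule: {line!r}")
    return Rule(name, proto, lo_i, hi_i, host, int(int_port or lo))

def load(text):
    return [parse_rule(l) for l in text.splitlines() if l.strip()]

def find_conflicts(rules):
    """Return (name_a, name_b, lo, hi) for each pair of rules whose public port
    ranges overlap on the same protocol; the router relays a port to one Mac only."""
    conflicts = []
    ordered = sorted(rules, key=lambda r: (r.proto, r.ext_lo, r.ext_hi))
    for i, a in enumerate(ordered):
        for b in ordered[i + 1:]:
            if b.proto != a.proto or b.ext_lo > a.ext_hi:
                break  # sorted input: no later rule can overlap a
            conflicts.append((a.name, b.name, b.ext_lo, min(a.ext_hi, b.ext_hi)))
    return conflicts

# Constructed plan; 10.0.1.21 is an assumed second Mac.
PLAN = """
web-a tcp 80         10.0.1.20
web-b tcp 80         10.0.1.21
ftp-a tcp 1025-65535 10.0.1.20
ard-b tcp 3283       10.0.1.21
ard-b udp 3283       10.0.1.21
"""

if __name__ == "__main__":
    for a, b, lo, hi in find_conflicts(load(PLAN)):
        print(f"{a} and {b} both claim public port(s) {lo}-{hi}")
```

Moving web-b to public port 8080 (written `web-b tcp 8080 10.0.1.21:80`) clears the port 80 collision, but 8080 still falls inside the forwarded FTP range 1025-65535, so that range has to be narrowed or kept on the same Mac as everything else above port 1024.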

rest TBS - sorry

