Step-by-step guides often don’t take time to explain the steps, which means you just have to follow blindly. This means that you don’t usually understand what you’re doing and so you can’t adapt if the situation changes a little.
First thing you should understand is WHY you’re worrying about static IP’s at all.
A. The built-in firewalls on most routers will not open a port to just anything that’s connected to them. It’s poor security to do that because those computers might not be aware that there’s an open port through which they’re vulnerable.
So the firewall requires that you specify an IP address for which you want the port opened. Now a device connected to the router, that HAS that particular IP address, will have that port open. Other devices with other IP addresses will still have that port number closed.
B. By default, when you hook Windows up to a network, it uses a protocol called DHCP to ask that an IP address be assigned to it for use in this session. The address is leased, not permanent, and can change without notice to you. This means that each time it connects, it can have a different address, and the address can suddenly change in mid-session. Most of the time, this won’t affect you.
If you connect directly to your ISP, Windows asks it for an IP address. But if you connect to a router, then Windows asks the router for an IP address. The router plus any computers connected to it, form a subnet. This subnet appears as a single unit to the internet. The router stands in place of a computer.
If you put B (ask for an IP address) together with A (won’t open a port except to a specific IP address), you can see that there will be problems. If it has to be a particular address, but my address is variable, then anytime I don’t (by blind luck) get the right address, my port will be closed. If there are other machines connected to my router, and one of them happens to get assigned that one address, then it will have a vulnerable open port that it doesn’t know about. Very bad news.
We solve it by telling my computer NOT to ask for an IP address anymore, but instead we tell the computer the IP it must use. When it connects to the router, it tells the router that this is its IP address. (It is up to you, as the network administrator of the subnet, to make sure no other device has that same IP.)
By doing this, your computer has a static and unchanging IP address on the subnet. So now we can confidently tell the router’s firewall to open the port to that IP, knowing that the port will be open for the right computer, and closed to all the other wrong computers.
The router assigns IP addresses to devices that ask it to do so (via DHCP), by taking those IP addresses out of a pool of IP addresses that it has designated for the purpose.
Most routers set up this pool with either a start and end address, or a start address and a range.
It’s a good idea to change that so there are only as many assignable addresses as you will actually need, allowing for a couple of extras, and then picking an IP address for your computer that is outside of the pool of assignable addresses.
For example, let’s say we have the router’s address, 192.168.0.1, and we have a netmask of 255.255.255.0 This means that all the addresses of all devices on the subnet need to have the same first three octets: 192.168.0, and we need only worry about the last octet, which can have any value from 0 through 255 inclusive.
We won’t use 0 because it makes people nervous, though it’s perfectly valid. 1 is used by the router, and we can’t have more than one device with any given IP, on a network. Let’s make the start address for our DHCP pool begin at 2, and end at 4 which gives us a range of three assignable addresses, for three other devices.
That leaves us with all the other addresses from 5 through 255 in that octet, that haven’t been assigned and are not in the pool so they won’t get assigned by the router. We can pick any one of those, and no one is any different or better than any other.
So let’s pick 5 because it’s next and that makes things clean and neat.
Wait, we hate clean and neat, so let’s pick 42 instead, just to be ornery. Ok, our computer’s IP will be 192.168.0.42 and all the others, 5 through 41 and 43 through 255 won’t be used at all.
192.168.0.42 is the IP address we’ll set in the computer network properties, and that’s the address we’ll tell the router’s firewall to open the port for. (This is the missing step that’s probably giving you grief.)
For the rest of our network settings, it’s really obvious. The default gateway is also the only gateway, the only thing we’re connected to, which is the router, and we know it’s address: 192.168.0.1
For the DNS server, the same logic applies: we’re only connected to one thing, the router. Same address. (The router doesn’t actually do DNS decoding, it passes the task onwards, but we don’t need to care about that here.)
This is how you properly get through the router’s firewall. But BitComet’s yellow light means that your listen port is being blocked by A firewall. It doesn’t say WHICH firewall. So if you’ve got more than one, and one of them is still blocking the port, then the port will be blocked no matter how the others are set.
Many firewalls are software, running on your computer. The built-in Windows XP firewall is one of those. Many other programs include firewalls but aren’t always obvious about it. Most internet “security” programs include a firewall. So do some mainboard utilities.
Having multiple firewalls doesn’t make you more secure, but it does give you problems trying to manage all of them. If you open a port on one, you have to open it on all of them to be effective. So I don’t recommend having more than one. But you do, definitely, need that one. You’re very vulnerable without it.
As to these other firewalls, you have to find them and either configure or eliminate them. It is your responsibility to know what’s running on your computer, nobody else can do that for you. You should bring up Task Manager, and look at the list of processes (not applications). They will be indentified by their file names. You should use Google to look up each filename, in order to understand what each one is and does.
In that process you will probably discover a lot of things that you didn’t know were running, and that you don’t want to have running since they just waste your resources. Most people do. In this case, you’ll need to find out how to keep them from automatically starting up. Google will also help you with this.
Some firewalls are entirely external - your network connection can itself be behind a firewall. this is often the case where the internet connection is supplied by the building - often the case in businesses, dormitories, and motels. Most wireless connections of all types are also firewalled liek this.
In such a case, where you are behind a firewall you don’t control, you’ll either have to have it configured for you, or just use BitComet’s 'no-listen" mode, which will be much slower, but will still work.
lol )
)
