The PDM Web Page and Port Mapping

Updated 8 months ago by Bryan Jones

Scope

This document covers the topic of "port mapping" or "port forwarding" related to the web interface of the 25-seven Profanity Delay Manager (PDM). This document covers all versions of the PDM.


Description

We do not EVER recommend putting web-controlled equipment directly on the public internet; although, we understand the benefits. The BEST scenario would be to use a VPN and create a secure tunnel to your local network. However, if your IT department cannot support a VPN, and you must have remote access to your PDMs, then you'll have to make your PDM available on the public internet.

If you must have your PDM publicly available, make sure that its web UI has a strong password!

Most publicly available internet connections have only ONE public-facing IP Address.

If you want to know your public-facing IP Address, try using the site ipchicken.com (no, seriously, it's a legit site). Click the icon below.

For me, the Web Site says this. (On yours, make a note of your IP Address. You'll need it later.)

You can't just go out in the field and type the address 173.123.123.123 (or whatever your IP address is) in your browser. You first need to "map" specific ports from the public-facing IP Address to the private IP address assigned to your PDM inside your network.

Let's, for discussion purposes, assume you have two PDM units you want to control remotely.

  • PDM 1 has a private (on your local network) IP Address of 192.168.2.94
  • PDM 2 had an IP Address of 192.168.2.95

We need to map the main web port (port 80) and the control port (port 5444) to the right PDM units. Most routers call this feature Port Mapping. It's instructing your internet router that when it sees incoming traffic on one port of its external IP address, forward it to a specific port on an internal IP address.

It's best NOT to map port 80 directly. That's the default for all web traffic, and hackers will find it and try to beat on your PDM trying to log in. So use something different.

For this example, we'll use ports 8080 and 8081 for our two PDMs.

The configuration steps are as varied as the number of routers available. Comcast, Netgear, Linksys, D-LInk (and many others) configure differently; however, they follow the same premise.

  • When an INCOMING connection is received on port 8080, forward that to port 80 on 192.168.2.94 (PDM 1)
  • When an INCOMING connection is received on port 8081, forward that to port 80 on 192.168.2.95 (PDM 2)

If you have done this right when you try to connect using your Web Browser to http://173.123.123.123:8080, you'll get the PDM prompt for your login credentials.

You'll need to use the IP Address that iP Chicken gave you from the link above in place of 173.123.123.123.

Here's where this gets a little tricky

In addition to the web page, there is also a control port that you must "map." This port makes the buttons and screen work properly.

As mentioned above, the PDM's control port is at port 5444. So, if you connect directly to a PDM's web UI at port 80, the web page software, once loaded, will reach out to the PDM's control port 5444.

If the web page software always "phoned home" at port 5444, then if you tried to map two PDMs on the same IP address then both would connect to port 5444 on your router, and there would be no way to tell the difference between the two. To avoid this problem, the web page software is configured to "phone home" at a port that is 5364 above the port that the web page appears on.

With the PDM's web UI at its native port 80, the control port will be at 80 + 5364 = 5444, which is the default control port. But, if the web UI is at port 81 (one port higher than usual), then the control port will be at 81 + 5364 = 5445 (again, one port higher than usual).

Using the above examples, PDM 1 will be found at port 8080 on your external IP address. The web UI will add 5364 to 8080 and get 13444, and it will expect the PDM 1's control port to be at port 13444 on your external IP address. So, you will need to route incoming connections from port 13444 to port 5444 on PDM 1. Similarly, PDM 2 will be found at port 8081. 8081 + 5364 = 13445, so you will need to route incoming connections from port 13445 to port 5444 on PDM 2.

To sum it up

For PDM 1
  1. Map the incoming TCP port 8080 to port 80 of the private IP Address for PDM 1 (192.168.2.94)
  2. Map the incoming TCP port 13444 to port 5444 of the private IP Address for PDM 1
For PDM 2
  1. Map the incoming TCP port 8081 to port 80 of the private IP Address for PDM 2 (192.168.2.95)
  2. Map the incoming TCP port 13445 to port 5444 of the private IP Address for PDM 2


Final Thoughts

With this system, you can have multiple PDMs available on the same external IP address. Again, if you do so, make sure that your PDMs have strong passwords. Otherwise, you may find that some outsider will guess the password, and bingo: they'll be controlling your PDM. Nobody wants that.

Let us know how we can help

While we can not provide direct support for your router, if you have further questions on this topic or have ideas about improving this document, please contact us.


How did we do?