Server Setup
Step 4: Network Access Issues

There are two issues to be dealt with:

  1. 'local' access from computers on your local/home network, and
  2. 'wide-area' access from the public Internet.

Local/Home Net Access

Go to a different computer on your local/home network. Using the same IP address, username, and password as in the previous step, try to log in. This may fail if you have firewall software (Windows Firewall, McAfee Personal Firewall, etc.) installed on either of the two computers. If you do (Windows XP SP2 does by default!), follow the instructions for your firewall software to allow access between the computers on your local network. In particular, you must allow inbound access to ports 80 and 21 on the ACP computer for the other computers on your local net. Generally, putting all of your local/home computers into the "trusted" group is enough, but again see your firewall software's instructions.

If you succeeded in logging into ACP from the other local computer, you're on your way, but typically you'll have to do the next task: providing access from the Internet through your cable/DSL router.

Access from the Internet

We'll assume you're using broadband (DSL or cable) for your Internet access. If you want to try a dial-up connection, go ahead. If you have problems, we'll help you by phone or the DC-3 Dreams Communication Center. Meanwhile, broadband connections typically use some combination of a modem and a router (they may be the same box).

[Figure: home net]

The key component is the router. It divides the network into your Local Area Net (LAN) and the public Wide Area Net (WAN). In typical use, your computers on the LAN can connect out to servers on the WAN. But to Share Your Sky!, you want others to connect in to the ACP servers on your LAN.

Setting Up Port Forwarding

Since your LAN IP addresses are not visible to the WAN, allowing inbound connections requires some adjustments to the router configuration. The details vary with different router types, but the concept is usually the same: set up port forwarding from the WAN to the LAN. For example, referring to the figure above, the observatory/ACP computer has a LAN IP address of 192.168.1.10, and the router has a public/visible IP address of 70.121.56.149. The idea is to tell the router to forward TCP ports 80 (web) and 21 (FTP) to 192.168.1.10 on the LAN. This makes it look like the ACP web and FTP servers are on the router's public IP, which is visible. Then people on the WAN can log into your ACP web and FTP servers by using an IP address of 70.121.56.149. Meanwhile, inside your LAN, your computers can get to ACP via its LAN IP address 192.168.1.10. The LAN address is what shows on the Servers tab of ACP Preferences.

Testing

The only reliable way to test your routing setup is to have someone on the WAN try to log into your ACP servers. From the LAN, you can log in via the public IP address, but this does not test your provider's filtering (see the next section). So to really know whether you have a usable setup, have a friend somewhere on the WAN (preferably one in another city or country) try to log on.

If it doesn't work, check the following:

  1. Double check your router's WAN IP address. Did it change? It can!
  2. Verify basic Internet connectivity. Have your friend open a command (CMD) shell ("DOS") and type ping 70.121.56.149 (substitute your router's WAN IP). Usually this will work, but your provider may block ping packets. You never know. But if it does work (ping receives replies), then you know that there is connectivity between your friend and your router.
  3. Make sure ACP's web and FTP servers are turned on.
  4. In ACP Preferences, Servers tab, look at the IP address that shows below the IP selector. Is it the same IP you used when you set up the port forwarding?
  5. See the next section...

OK, I did all that but it still doesn't work!

Sometimes, broadband providers block inbound access to TCP port 80 (web), and less frequently, to port 21 (FTP) as well. They do this to prevent their residential customers from running web servers. But that's exactly what you want to do! Fortunately there is a workaround: using a non-standard port. In ACP Preferences, Servers tab, change the web server port from 80 to 8080. Then reconfigure your router to disable any port 80 port forwarding you set up and then enable port forwarding for port 8080 to your ACP computer's LAN IP address. This creates a slight inconvenience for your Share Your Sky! users; they have to include the non-standard port number in their URIs. In the above example, the URI for your ACP web server with port 8080 is http://70.121.56.149:8080/. If you run into the same problem with FTP (unlikely), change ACP's FTP server port to 8021 and instruct your users to use this port instead of (the default) 21 in their FTP clients.

Note: The ACP web content describing FTP usage automatically displays the host name or IP address, and the port (if non-standard), so your users will have all of the information they need even if you are forced to use a non-standard port.
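A reachability check for the Testing checklist and the non-standard-port workaround above, added here as an example (it is not part of ACP). It tries a TCP connection to ports 80, 21, 8080 and 8021 and tells apart an open port, a refused connection, and silently dropped packets. The function names and hint wording are assumptions of this example; 70.121.56.149 is the example address used on this page.

```python
import socket
import sys

# Ports named on this page: ACP defaults, then the non-standard alternates.
ACP_PORTS = {80: "web", 21: "FTP", 8080: "web (alternate)", 8021: "FTP (alternate)"}


def probe(host, port, timeout=5.0):
    """Try one TCP connection and classify the result.

    open: handshake completed, a server answered behind the forward
    refused: a host replied with a reset, nothing is listening there
    filtered: no reply before the timeout, packets are being dropped
    error: the attempt could not be made (bad name, no route, ...)
    """
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "filtered"
    except OSError:
        return "error"


def hint(port, state):
    """Point at the matching checklist item above (a heuristic, not proof)."""
    if state == "open":
        return "reachable from here"
    if state == "refused":
        return "is the ACP server turned on, and does the forward use its LAN IP?"
    if state == "filtered" and port in (80, 21):
        return "provider may block this port; try the alternate (8080 or 8021)"
    if state == "filtered":
        return "check the WAN IP, the port-forwarding rule and the firewall"
    return "could not attempt the connection; check the address"


def check(host, ports=ACP_PORTS, timeout=5.0):
    """Probe every port and return {port: state}."""
    return {port: probe(host, port, timeout) for port in ports}


if __name__ == "__main__":
    # Usage: python acp_check.py 70.121.56.149  (substitute your WAN IP)
    for port, state in check(sys.argv[1]).items():
        print(f"{port:>5} {ACP_PORTS[port]:<16} {state:<9} {hint(port, state)}")
```

Run it from a machine outside your LAN, as the Testing section advises; a result obtained from inside the LAN does not exercise your provider's filtering.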

Other Common Problems

As noted in the section on Local/Home Net Access, any firewall software on the observatory/ACP computer may block inbound connections. The details vary, so consult the instructions for your firewall software. You must configure it to allow inbound access from any IP address, at least for starters. After you get it working, you can restrict the IP addresses from which people can connect to ACP if you want additional security and you can predict what range(s) of IP addresses your observers will be on.

If your router is also a wireless hub, there could be separate configuration settings for wireless and wired LAN hosts. Be sure you have port forwarding enabled for the type of connection used by your observatory/ACP computer.

Making it Easier: Getting a Domain Name

The next page describes how to get a domain name for your observatory/ACP computer. Virtually all broadband providers can change your router's IP address at will. Thus, you never really know what IP address to give your Share Your Sky! observers without first looking. Furthermore, if they bookmark an IP address, chances are it will become a broken link soon thereafter, forcing them to contact you to get the latest IP address. Read on for the right solution to this...
