Problem browsing web server from LAN side of Webramp 700s

[vortix]

I have a Webramp 700s that I'm using with NAT/PPPoE, and it is assigning IPs to my LAN using its DHCP server. Currently, I have it set up so that my Windows 2000 server (internal IP 192.168.1.3) is accessible on port 80 from the Internet. I have no problem typing in my domain name (which points to my WAN IP address) from anywhere on the Internet and browsing my internal web server.

However, if I try to browse my domain name from inside my LAN, it will not work. Even typing my WAN IP address in does not work. The only way I can browse my web server is to type in the internal IP address.

Does anyone know how to fix this problem? I need to set it up so that I can use my domain name internally.

 

[reicherb]

The easiest way if you only have a few internal PCs is to put an entry in the host file that points the domain to the local address rather than using your isp to resolve the name to the public address.

 

[Oaf357]

How restricted is your LAN? You might want to try and setup a rule so that your IP can talk to your web server's IP.

 

[vortix]

Originally posted by: reicherb
The easiest way if you only have a few internal PCs is to put an entry in the host file that points the domain to the local address rather than using your isp to resolve the name to the public address.

Currently I only have a few PCs. But I will be installing the same router/firewall in an office LAN with 50 PCs, so putting an entry in their host files is out of the question...especially since they get new PCs all the time there.

 

[vortix]

Originally posted by: Oaf357
How restricted is your LAN? You might want to try and setup a rule so that your IP can talk to your web server's IP.

My IP already can talk to the web server's IP. It works fine if I type in my web server's internal IP into IE....but if I type in the domain name or WAN IP address it does not work. Here is what happens on a tracert internally:

-----------------------------------------------------------
C:\>tracert 65.43.xxx.xxx

Tracing route to adsl-65-43-xxx-xxx.dsl.bcvloh.ameritech.net [65.43.xxx.xxx]
over a maximum of 30 hops:

1 * * * Request timed out.
2 * * * Request timed out.
3 * * * Request timed out.
-----------------------------------------------------------

and it just keeps repeating the "request timed out" message. Outside of my LAN I can type in my WAN IP or domain name into IE and browse my web site with no problem.

I'm guessing there's something I need to configure in the Webramp 700s. Does anyone have experience setting this up with a Webramp 700s??

 

[Oaf357]

I have the Webramp 700s and I must admit that is rather peculiar. If you do a tracert to the domain name I'm assuming it does the same thing. Hmm... <ponders>

 

[vortix]

Originally posted by: Oaf357
I have the Webramp 700s and I must admit that is rather peculiar. If you do a tracert to the domain name I'm assuming it does the same thing. Hmm... <ponders>

Yep it sure does. And I have no idea why either

 

[skyking]

The only satisfactory solution, short of editing the hosts file, is to run internal DNS, and point to your internal DNS server as primary. The DNS gets resolved back to your own IP now, and although I have now experience with the webramp per se, all the other routers I have tried this with do the same thing you are experiencing.

 

[newphatdaddy]

I have a SonicWall Tele 3 TZ, essentially a similar box - and it too has this problem. I talked with SW support who said they are aware of the limitation "and may fix this in the future." Yeah. Bullsh!t. Now that I know this has been going on since the Ramp products, I don't expect they can ever fix it. It appears to be a product of high security, where maybe their implementation of IP Spoof detection will not allow a NAT'ed IP address from it's own box out to the WAN to resolve back to the external WAN address and back in to the LAN again. It sucks donkey balls if you ask me, but there ain't much but what the last poster said to do about it. I haven't had this problem on other NAT boxes, even those that claim SPI (Netgear in this case). However, I've never used a 'real' firewall in the likes of SW, Ramp, et al, so I don't know if this is std 'real' fw behavior.

 

[luv2chill]

It's called loopback and many routers/firewalls can't do it. The webramp is one of them. The suggestions already posted (hosts file, internal DNS) are your best/only solutions to this problem.

l2c

 

[vortix]

Damn, that really sucks I suppose I'll just run a DNS server internally for that.

 

[mboy]

Why not just add the LAN Ip to the favorites in IE and rename it to the website so the users no what it is. When you have to add more computers, just send those users and email with the link and instructions on how to do it.
That is if you don't want to set up your own DNS server.

 

[skyking]

That is what I did, but I only had about 10 computers to do that to in each case.

 

[AMDScooter]

Hello all. Vortix, I have the exact same model webramp (700s) and am using NAT with DHCP client for my attbi cable connection. I have a Windows 2000 webserver also that I had been using a Linksys router to port forward to the server. It worked fine. Since swiching to the webramp I cannot get the port forwarding to work at all. I have tried a zillion(ok..slight exaggeration there... ) different combos in the access and rules area with no success. Would you be willing to email me a Tech Support Report from the Diagnostic area in notepad or some other text file?? AMDScooter@attbi.com Feel free to edit out anything you like. I'd just like to do a line by line comparison to see what the hell I am missing.

Thanks in advance
Scoot