• We’re currently investigating an issue related to the forum theme and styling that is impacting page layout and visual formatting. The problem has been identified, and we are actively working on a resolution. There is no impact to user data or functionality, this is strictly a front-end display issue. We’ll post an update once the fix has been deployed. Thanks for your patience while we get this sorted.

web server not visible behind router

D

dpopiz

Diamond Member
I used to use zone alarm and ICS to share internet across the lan on the same machine as I run a web server on. I just switched to using a dlink 704P router for internet sharing/firewall. as much as I try, I can't seem to get my web server to work with the router. I have the router set to have port 80 forward to the ip of the web server machine, but when I try to access the website even on the machine that's hosting it, it says finding the domain name and then gives up after a minute or two. however, if I just connect the server machine directly to the dsl, the site comes up fine both on the server machine and on a remote machine on the internet.
 
You have to change the port on the router that the web-based router configuration thing is on. Otherwise, when you try to come in on 80 it thinks you are trying to manage it and rejects the request. I have a D-Link di-711 and it took me awhile to figure this out. My old Netgear didn't do that...
 
You can't access a website behind a NAT router from a computer within the NAT network, unless you use the internal address. This is because of the NAT translations, because the outbound request goes out and opens up port 80 to the "real" IP address of the connection, and when the router tries to open an inbound connection to port 80 and send it to the server, it finds that the port is already in use. The router isn't able to figure out that the traffic shouldn't need to pass through the WAN port's processing and just go straight to the internal IP.

Even though the traffic doesn't actually go out over the DSL line, the router has to process it as if it were an incoming connection on that IP, which is has already made an outbound connection with on port 80. Even if it separates inbound and outbound port usage and sends the request to the web server, the web server can't respond, because it attempts to send an outbound reply on port 80 (the reply would be used to redirect the requesting machine to another port), but the router already has an outbound port 80 connection from the first machine. While technically possible to have multiple requests on the same port going to different IP's, in this particular instance it won't work.

Doing it with an ICS computer would work fine because the ICS computer can just make a connection to itself for the website, and the external IP is on a different network adapter than the one the request came from.

Assuming that your client machines are able to find the IP address of the domain, which they should, the failure comes when they actually try to open a connection to that IP. You can verify using nslookup (in Win2k or XP), or pinging the domain name. The ping may fail, but it should at least show the IP address.

If outside computers aren't able to connect to the web server, then you may want to verify that they're getting the proper IP address (and that your DSL hasn't changed the IP if you don't have a static IP), and see whether they're able to ping it. They should be able to, since you have Internet access. If they can't, then that may be a definite indication that the router's firewall functions are still blocking the incoming traffic, even though you've set it to forward port 80. You may need to go through the configuration again.


I didn't even think about the port for the web-based configuration. Most routers disable that function from working on connections from the WAN side, only allowing it internally. You'll need to read the manual to see where the setting is for it.
 
You must log in or register to reply here.

TRENDING THREADS

Back
Top