Cannot access server (behind a router) from LAN via external IP
Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Cannot access server (behind a router) from LAN via external IP
I have a small LAN behind a modem: Zyxel Prestige 600 series. I've set up some servers on one of my LAN computers. Port forwarding is OK, my friends can connect to the servers properly. But on any hosts in the LAN, I cannot connect to the server using the external IP of the modem (using internal IP is fine.). I've googled for a while and found that it could be my modem doesn't have loopback function.
I dont' know what the "loopback function" is, and how I know if my modem supports it or not. And if my modem does, how can I enable it (hope it's just hidden somewhere )
Please someone makes a quick explanation about the loopback function of a router and let me know if my modem supports it.
Thanks for your reply, Nexus. I've understood a little more about loopback, but the resolution is not very good. Using the hosts file instead of dns is not what I expect.
I've heard there' re some kinds of routers have the loopback function built-in. Please tell me how it works (basically), then we could find another solutions (better or worse, who knows ? ).
Thanks, guys.
Distribution: OpenBSD 4.6, OS X 10.6.2, CentOS 4 & 5
Posts: 3,660
Rep:
Allowing traffic to traverse the external interface of your firewall twice isn't very secure any way. It can allow for spoofing unless very tightly configured.
I don't believe the traffic traverses any external interface. In a typical Linux-based iptables implementation (which is used in many commodity routers),, this is done prerouting, so it never reaches the external interface.
Some Zyxel products provide NAT loopback, but I don't think the 600 does. They can be accessed through a telnet session command line. A KB articles describes:
I agree with chort; it is better not to rely on this feature, and instead setup a split DNS or use a hosts file (easiest). Some mail servers won't use the hosts file, so you'd need split DNS in any case if you decide to run such a server.
Thanks for your replies, lads . Zyxel 600 series modems have NAT loopback function and I've enabled it via command line. (I bought the modem without any manuals :|) Everything 's fine now.
But I wonder if there're some security issues as you said. Please leave some links refer to the issues. Thanks .
PS: Configuring DNS server is a good way, though. Why didn't I think about such a simple solution like this ?
Excellent! I'm now not surprised that you were able to enable the feature; so many commodity items have hidden feature sets, often artificially suppressed to create full range of products.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.