Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I'm learning my way around the various networking concepts of the internet and have stumbled across an interesting situation. I've been playing with apache on my home server and have forwarded the appropriate port from my router so that I can access it from the internet by going to my home ip address from a web browser outside of my home network (from work, for example =P).
The issue I have come across is that now I can no longer get to my router's setup page by typing in its ip address (which is now forwarded to my home server) so I can no longer change any other settings remotely.
My first thought was to set up a webpage on the home box that redirects me to 192.168.1.1 but this doesn't have the intended result.
Is there a way to set up a "pipe" through my home box, or something of a similar nature? In this case I will be able to access the machine physically in a few hours, but what if it was not accessible?
Maybe it would be easier to run Apache on a different port, so you can use the router interface on port 80 and the Apache instance from, say, port 8080 ?
Distribution: Ubuntu Hardy Desktop, Solaris 10, Workstation 2008 x64
Posts: 75
Rep:
Detail Please
What router?
Most routers allow administrative access internally only. I presume you have ssh access to your server?
You were nearly there by redirecting to 192.168.1.1, but as my understanding, that tells your browser to go to 192.168.1.1, not to route the connection. your work computer tries to lookup 192.168.1.1 on the work network, which hopefully isnt attached to anything.
You need to port foward port 80 on 192.168.1.1 to a port on your windows client and then connect to that port from your client, eg
ssh -L 8080:192.168.1.1:80 user@host
or use putty in windows.
Good luck
EDIT: Fogot to say after all that on the client fire up a web browser and go to http://localhost:8080, and the local port traffic will be routed through the ssh session to your server from the server to the router internally.
Also, dave, if the port is externally fowarded it wouldnt matter if he changed the apache port now cus the router would still just foward the connection on to a server that isnt listening
Last edited by Geneset; 09-30-2008 at 04:10 PM.
Reason: forgot to finish
Also, dave, if the port is externally fowarded it wouldnt matter if he changed the apache port now cus the router would still just foward the connection on to a server that isnt listening
Obviously, he'd have to change the forwarded port from 80 to 8080...
Distribution: Ubuntu Hardy Desktop, Solaris 10, Workstation 2008 x64
Posts: 75
Rep:
Quote:
Originally Posted by ilikejam
Obviously, he'd have to change the forwarded port from 80 to 8080...
My apologies, I think were getting confused; your right, if the apache port is changed to 8080, to access the apache server externally the forward would need to be changed to 8080, which would then *presumably* allow external access to the router configuration pages.
My previous response was about keeping the apache server externally accessible on port 80, and eliminating "public" external access to router configuration and enabling a tunneled connection from client port 8080 to the internally accessible router port 80.
As stated, this would be alot simpler if we knew what router we were talking about.
Most routers allow administrative access internally only. I presume you have ssh access to your server?
The router is a Linksys WRT54GL, and I was able to access the administration page externally before I added the port forwarding and can ssh into the server.
Thanks for all the info, server is offline right now but I will try all of this out as soon as I get it back up and running again.
Distribution: Ubuntu Hardy Desktop, Solaris 10, Workstation 2008 x64
Posts: 75
Rep:
I use exactly the same router (its actually acting as a bridge atm, but nvm) altho I didnt know the default firmware allowed external admin access.........
While I'm here, check out the DD-WRT and Tomato firmwares. Lots more control and a helluva lot prettier than the factory firmware. I'd recommend Tomato.
Anyway, good luck and let us know how it turns out.
Just tried it out and it is working properly. So let me see if I understand exactly what is going on here:
ssh -L 8080:192.168.1.1:80 user@host
We are creating a socket that listens to port 8080 on the local machine, and when any traffic is received by the local machine on that port (for example, by going to http://localhost:8080), it is re-routed over the ssh connection to the remote host and sent to 192.168.1.1:80. Right?
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.