Networking issue with my web server
Ok I have been trying to figure this out on and off for about 6 months now and have had no luck at all. I have my Ubuntu server up and running with apache, php, and mysql. I can see the server and the site on my local network with the static IP I gave it all good to go. But when I try my static my isp gave me I get nothing. I have a zoom adsl 5551a modem and a DLink 8 port 707p router, I have changed the nat setting on my modem as instructed by zoom and I have set the settings on the virtual server set up on the dlink. But still nothing.
I have called tech support from both hardware companies and my isp but non of the are any help. Does any one have a hardware set up like mine or can anyone suggest a better modem or router that they use and have no problem with? Or is there something server side that might cause this? Thanks in advance Also I have turned off all firewalls that I could find. |
First let me say that I am no expert at this and my terminology may be off but I have set up a few home servers. I needed the firewall to to forward incoming traffic to the server. Start at the modem and forward port 80 traffic to the ipaddress you give the box with the server on it. Check from that box with ifconfig. Next you will need to do the same thing on the router. Both should have a configuration page that you can open with a web browser. There may be a better way of doing it by setting the server up in a dmz zone;
http://www.boutell.com/newfaq/creating/dmz.html Some port forwarding stuff; http://www.brennan.id.au/06-Firewall_Concepts.html Not sure about your modem but mine has a built in firewall. It can be confusing and at least I got the ball rolling untill someone better comes along post some more info about how yor network is setup etc. |
For starters you don't need a stand-alone router at all, Linux can take care of all that & will do a far better job of it than most commercial routers anyway. You wont need to do anything with the NAT capabilities of your modem either as iptables can do this as well. All you need to do is to get the server to access the Internet, then use iptables to configure routing, NAT & protection.
I could talk you through the entire process but this HOWTO -- http://www.tldp.org/HOWTO/IP-Masquer...WTO/index.html -- would be the best place for you to start. Especially important is how to configure iptables, it is the heart & soul of a good, fast & secure Internet gateway. It also includes a great script to get you started, but my advice would be for you to learn how the script works, especially the iptables part, & then either customize it to your own needs or get an iptables GUI to configure the firewall, router & any NAT'ing you might want, I use & love KMyFirewall which you should be able to get from http://kmyfirewall.sourceforge.net/ If you have any questions about anything you read in the HOWTO post it to this thread so I am sent a copy & can hopefully help you further. |
Quote:
Very bad advice. 1. Hardware routers work better (in 90% of cases) than a pc running nat/firewall. Most people do not have the time or knowledge to setup a software based approach. Routers work because they are designed to do one job (or two). People also dont usually try to play doom on their router. 2. unless you need a feature that your router doesnt provide and you are just using this a home/soho system, their is no need to get rid of the router. You just need to forward your needed ports from the router to the PC. Too many holes and things are left to chance for a novice to setup a linux/BSD firewall/router. Soule |
I have both my modem and my router forwarding port 80 to my server but I still get nothing. When I type in my ip from my isp it just times out and says documnet contains no data. I will post s.s. of my configs when I get home.
|
As a note make sure you have a public IP. Many ISP's are now using NAT internally. That way they can control bandwidth better and keep everyone from using home servers. That way if you want to run a home server (or just have remote access) you will have to pay more for a business account.
Soule |
soulestream makes a good argument but all I have to go on is my own experience with stand-alone routers which have not been pleasant ones.
Quote:
As for Tux_Phoenix actual problem : Quote:
But more that likely, as soulestream said, the problem is with your ISP. I know my ISP, Optusnet here in Australia, blocks certain ports particularly port 80. To check which ports your ISP is blocking you first need to temporarily either open all ports on your router/modem or remove your router entirely & connect directly to the Internet through your modem with no firewalling at all, also ensure iptables is not running on the PC that your modem plugs into which you have probably already done, remember you will be vulnerable during this but it's only temporary. Then go to an online port scanning site, I like www.grc.com the best (which seems to be down at the moment?!?) but there are hundreds out there, you could try http://www.portsense.com/prescan.cfm From the results you you will see which ports your ISP is blocking because this scan should find that ALL your ports are OPEN as your firewall is not doing anything but some will be closed/filtered/stealth/blocked or whatever the scanner calls it, these ports are the ones your ISP is blocking you from using. To get around this you could configure Apache, or the HTTP server you use, to listen to a different port, like the secure HTTP port 443, the problem with this is that to access your HTTP server from the outside world one must add :443 to your web address. So as soulestream stated, if you want to run a real HTTP server to host your own publicly available website you need to pay more to your ISP to get access to port 80. But just as a further note, a few years ago I was having trouble with my ISP so I called them to find out what was going on, I spoke to an unusually helpful bloke who unblocked port 80 for me, which he really wasn't supposed to do. I can't remember exactly what I said to get this but it happened, you might want to try the same, just don't tell them you wish to host a website!!! Let us know how you go! |
All times are GMT -5. The time now is 04:57 PM. |