LinuxQuestions.org
Review your favorite Linux distribution.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 06-25-2012, 04:04 PM   #1
doubtingthomas
LQ Newbie
 
Registered: Jun 2012
Posts: 6

Rep: Reputation: Disabled
Accessing httpd behind a router


guys, this one has got me stumped. i know it has been talked about before but none of the threads gave me any answer.

i am using "netgear DGN-2200" wireless router (switched a few days ago after my previous moded failed to start one day)and the latest kubuntu-linux.
i always had a fairly active apache server that i use to develop web apps, which i do need to access from outside my wireless and from work.
so after the wireless-upgrade i made at home i cannot whatsoever access my IP address without hitting the router log-in page.

so far i figured out my computers MAC address and made a LAN reservation for 10.0.0.2 connecting to it.
ive made a router-firewall rule to pass HTTP:80 services to 10.0.0.2
took special attention to make sure remote-managment is off.
made sure that apache is listenning to port 80 (or at least, there is a command called "Listen 80" on ports.conf, and that this file is included in the apache2.conf)
BTW: accessing 10.0.0.2 from my computer on my browser DOES lead me to my apache server

soooo im just going crazy!

please help me!
 
Old 06-25-2012, 05:51 PM   #2
Kustom42
Senior Member
 
Registered: Mar 2012
Distribution: Red Hat
Posts: 1,604

Rep: Reputation: 415Reputation: 415Reputation: 415Reputation: 415Reputation: 415
You more than likely need to assign a static IP to your router for that machine to route the requests to. If you have a static IP and have assigned it to your internal IP on the router as well as forwarding the port 80 you should have no problems. Although, I have never used netgear as I am not fond of their products but this is the setup that will work for Cisco/Linksys devices.
 
Old 06-25-2012, 07:07 PM   #3
michaelk
Moderator
 
Registered: Aug 2002
Posts: 26,211

Rep: Reputation: 6100Reputation: 6100Reputation: 6100Reputation: 6100Reputation: 6100Reputation: 6100Reputation: 6100Reputation: 6100Reputation: 6100Reputation: 6100Reputation: 6100
Nope, your not crazy its just how a NAT router works. You will have try from a computer outside of your LAN. It does appear that you have the router and computer configured correctly.

FYI it might be against your ISPs rules to run a website from home and they might even block port 80.
 
Old 06-26-2012, 06:37 AM   #4
doubtingthomas
LQ Newbie
 
Registered: Jun 2012
Posts: 6

Original Poster
Rep: Reputation: Disabled
thank you, i appreciate your help.
i filed a complaint with my ISP and they should get back to me with an answer within the next few hours. thing is, i didnt have any problem running apache for years until i switched to this router, so im a little skeptic about them port-blocking me.

http://www.yougetsignal.com/tools/open-ports/
checking with this tool port 80 returns that it is closed. this is very frustrating.

my ISP`s IP is dynamic, however i did reserve a LAN IP to my computers mac-address (10.0.0.2). is there any other IP im not aware of?

finaly, i should mention that i tried accessing my home-server from work, from my mobile phone (on a 3G network) and from my own computer with http-proxy. all returnning either "bad-gateway" or "unable to reach page".
 
Old 06-26-2012, 08:09 AM   #5
Soadyheid
Senior Member
 
Registered: Aug 2010
Location: Near Edinburgh, Scotland
Distribution: Cinnamon Mint 20.1 (Laptop) and 20.2 (Desktop)
Posts: 1,690

Rep: Reputation: 487Reputation: 487Reputation: 487Reputation: 487Reputation: 487
Quote:
so far i figured out my computers MAC address and made a LAN reservation for 10.0.0.2 connecting to it.
ive made a router-firewall rule to pass HTTP:80 services to 10.0.0.2
Have you set up port forwarding for port 80 to 10.0.0.2 in your router's config?

Play Bonny!
 
Old 06-26-2012, 08:30 AM   #6
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142
Quote:
Originally Posted by Soadyheid View Post
Have you set up port forwarding for port 80 to 10.0.0.2 in your router's config?

Play Bonny!
This.

It sounds like you just opened a firewall rule that will allow outside users to access your machine on port 80, but you never set up a forwarding rule so that incoming connections on port 80 are actually forwarded to that machine.
 
Old 06-26-2012, 11:05 AM   #7
Soadyheid
Senior Member
 
Registered: Aug 2010
Location: Near Edinburgh, Scotland
Distribution: Cinnamon Mint 20.1 (Laptop) and 20.2 (Desktop)
Posts: 1,690

Rep: Reputation: 487Reputation: 487Reputation: 487Reputation: 487Reputation: 487
Quote:
It sounds like you just opened a firewall rule that will allow outside users to access your machine on port 80, but you never set up a forwarding rule so that incoming connections on port 80 are actually forwarded to that machine.
I'm not quite sure what you mean here. Within a routers set up GUI there's usually a means to configure port forwarding. I use it to allow Internet access to my nas device through a specific port. I haven't set up any firewall port access on either a computer or the nas device.
By specifying the port and the static IP of the device on the lan side of the router, that's the only place any external requests go.

Does that make sense?

Play Bonny!
 
Old 06-26-2012, 02:20 PM   #8
Kustom42
Senior Member
 
Registered: Mar 2012
Distribution: Red Hat
Posts: 1,604

Rep: Reputation: 415Reputation: 415Reputation: 415Reputation: 415Reputation: 415
I still think the issue here is the dynamic IP and NAT translations on the router. If you get a static IP from your ISP and assign that secondary static IP in your router for the NAT translation to that 10.0.0.2 address and have done the router port forwarding as you say you have then all should work as it should.
 
Old 06-26-2012, 02:24 PM   #9
doubtingthomas
LQ Newbie
 
Registered: Jun 2012
Posts: 6

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by Soadyheid View Post
Have you set up port forwarding for port 80 to 10.0.0.2 in your router's config?

Play Bonny!
hmmm well im not quite sure of that....
the firmware my router uses has no "Port forwarding\Port trigerring" entry, but instead uses "Firewall rules" and as a result im not so sure as to how im supposed to do this...

this is a screen capture of the firewall rules and the sidebar
http://www.linuxquestions.org/questi...1&d=1340738313
note that since my first message i accidently changed my computers LAN ip changed to 10.0.0.3 (changes to rules made accordingly) and that out of shear dispare i changed the "service name" to ALL.
Attached Thumbnails
Click image for larger version

Name:	screen1.jpeg
Views:	19
Size:	236.1 KB
ID:	9973  
 
Old 06-26-2012, 02:29 PM   #10
Kustom42
Senior Member
 
Registered: Mar 2012
Distribution: Red Hat
Posts: 1,604

Rep: Reputation: 415Reputation: 415Reputation: 415Reputation: 415Reputation: 415
Thomas, the issue here is your IP! Lets say for example your ISP assigns you a dynamic ip of 64.66.122.88 or something of that fashion. When you try to send an http request to that IP it will route to your router, your router does not have that IP assigned to a NAT translation rule for an internal IP(each internal IP would need a static external IP to translate to) so it simply does its job and reject the connection or display a default web page that is hosted on the router. This is a security feature to help you and there is no way you can setup a dynamic IP to translate to an internal IP as far as I am aware due to the fact that it constantly changes.

So yes, your router is allowing inbound and outbound connections to your server on port 80 but there is no route to the server from external connections.

Think about it, if you had 10 servers setup behind the router you wanted to access over http you wouldn't be able to use just one IP, you would have to get a separate one for each and assign it to the internal IP on the router so your router knows where to send the traffic.
 
Old 06-26-2012, 02:56 PM   #11
doubtingthomas
LQ Newbie
 
Registered: Jun 2012
Posts: 6

Original Poster
Rep: Reputation: Disabled
Ok well i completely understand what you said... is there anyway i can set it manually?
i tried doing a "Static route" and i ran into a wierd problem where the router would set 10.0.0.3 to .0 and had absolutlely no affect...

EDIT: by "it" i mean a translation table or route...

Last edited by doubtingthomas; 06-26-2012 at 03:01 PM.
 
Old 06-26-2012, 03:08 PM   #12
Kustom42
Senior Member
 
Registered: Mar 2012
Distribution: Red Hat
Posts: 1,604

Rep: Reputation: 415Reputation: 415Reputation: 415Reputation: 415Reputation: 415
Within your router you should be able to set a static IP to translate to internal. Most routers are using Cisco firmware or something proprietary but is very similar. A NAT rule is pretty simple, it tells your router/firewall that IP 1.1.1.1 translates to 10.0.0.1 and 2.2.2.2 translates to 10.0.0.2. Without a static IP you won't be able to set these rules as it will change.
 
1 members found this post helpful.
Old 06-26-2012, 03:29 PM   #13
kindofabuzz
Member
 
Registered: Mar 2010
Location: There
Distribution: Linux Mint 17.1
Posts: 237

Rep: Reputation: 46
disable NAT forwarding on your router.
 
Old 06-26-2012, 03:36 PM   #14
Kustom42
Senior Member
 
Registered: Mar 2012
Distribution: Red Hat
Posts: 1,604

Rep: Reputation: 415Reputation: 415Reputation: 415Reputation: 415Reputation: 415
Quote:
Originally Posted by kindofabuzz View Post
disable NAT forwarding on your router.
No.. and Why?
 
Old 06-26-2012, 04:01 PM   #15
suicidaleggroll
LQ Guru
 
Registered: Nov 2010
Location: Colorado
Distribution: OpenSUSE, CentOS
Posts: 5,573

Rep: Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142Reputation: 2142
Quote:
Originally Posted by Kustom42 View Post
Thomas, the issue here is your IP! Lets say for example your ISP assigns you a dynamic ip of 64.66.122.88 or something of that fashion. When you try to send an http request to that IP it will route to your router, your router does not have that IP assigned to a NAT translation rule for an internal IP(each internal IP would need a static external IP to translate to) so it simply does its job and reject the connection or display a default web page that is hosted on the router. This is a security feature to help you and there is no way you can setup a dynamic IP to translate to an internal IP as far as I am aware due to the fact that it constantly changes.
That is incorrect. I think you're hung up on setups with multiple public, static IPs and using NAT to assign each one to a local machine...with a single external IP and an internal network you need to set things up completely differently. You assign the public IP to the router itself, and then use port forwarding to direct incoming connections to the various machines on the local network. Whether the external IP is static or dynamic makes absolutely no difference to the behavior of the system.

kindofabuzz is correct; turn off NAT, and set up port forwarding. I'm sure the router can do it, I've never found one that can't.

Last edited by suicidaleggroll; 06-26-2012 at 04:04 PM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Accessing Apache/HTTPD in Linux Home Network KinnowGrower Linux - Server 9 02-09-2010 09:19 AM
SELinux issue. (httpd & samba accessing same files and directories) vinten Linux - Security 2 01-08-2009 10:40 AM
httpd server behind router failing to respond to requests daiyu Linux - Networking 9 06-11-2006 08:51 AM
Accessing via Linksys router psycoperl Linux - Networking 0 09-18-2004 06:43 PM
Apache httpd/RP114 router problems DummyBot Linux - Networking 2 01-20-2004 03:48 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie

All times are GMT -5. The time now is 03:41 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration