NAPT from LAN on SpeedTouch 510i

Hello. I have some problems setting up NAPT on my Thomson SpeedTouch
510i DSL router. The problem is that the address translation is not
performed when I try to access services via the outside IP address from
the inside of the router (LAN).

I have a static IP address (80.203.231.89) which has different hostnames
registered in DNS (e.g. www.edge.no). Via the web interface, I choose to
direct connections to 80.203.231.89 (outside IP) on port 80 to
10.0.0.128 (inside IP) on port 80.

This works as long as I connect to www.edge.no on port 80 from the
outside of the router. However, when I try to access www.edge.no from
the inside of the router (home LAN) I just get a connection timeout.

Is there any way to fix this? The webpages on the server have some
absolute references to www.edge.no. I have also problems with other
services (mail, database etc.) when I try to access them from the LAN,
or when the server tries to access itself via the external IP.

(The Thomson Speedtouch 570i was sent me from my ISP as a replacement
for a Cisco 677i. The old router did not have this problem).

Any help would be greatly appreciated :-)

Best regards.
-Øystein

"Øystein Skotheim" <oystein+(E-Mail Removed)> wrote in message
news:eviejc$ekm$(E-Mail Removed)...
> Hello. I have some problems setting up NAPT on my Thomson SpeedTouch 510i
> DSL router. The problem is that the address translation is not performed
> when I try to access services via the outside IP address from the inside
> of the router (LAN).
>
> I have a static IP address (80.203.231.89) which has different hostnames
> registered in DNS (e.g. www.edge.no). Via the web interface, I choose to
> direct connections to 80.203.231.89 (outside IP) on port 80 to 10.0.0.128
> (inside IP) on port 80.
>
> This works as long as I connect to www.edge.no on port 80 from the outside
> of the router. However, when I try to access www.edge.no from the inside
> of the router (home LAN) I just get a connection timeout.
>
> Is there any way to fix this? The webpages on the server have some
> absolute references to www.edge.no. I have also problems with other
> services (mail, database etc.) when I try to access them from the LAN, or
> when the server tries to access itself via the external IP.
>
> (The Thomson Speedtouch 570i was sent me from my ISP as a replacement for
> a Cisco 677i. The old router did not have this problem).
>
> Any help would be greatly appreciated :-)
>
> Best regards.
> -Øystein

Not quite sure if this is your problem or not but.....

Someone on a different newsgroup was trying to set up an IP camera in his
home office so that he could access it and see images from the camera while
he was somewhere else in the country. He had it working OK from inside his
home network but not from the outside world. Anyway, someone else wrote this
as part of a reply:
************************************************** ********
One final word of warning - unless your Router supports loop-back, you will
NOT be able to see the camera via the internet. This is because the dyndns
address is straight back to YOUR router and not all routers can handle this.
So, get a nearby friend to look at it for you!
************************************************** ********

Maybe your new router does not support loop-back?

John.

"Øystein Skotheim" <oystein+(E-Mail Removed)> wrote in message
news:eviejc$ekm$(E-Mail Removed)...
> Hello. I have some problems setting up NAPT on my Thomson SpeedTouch 510i
> DSL router. The problem is that the address translation is not performed
> when I try to access services via the outside IP address from the inside
> of the router (LAN).
>
> I have a static IP address (80.203.231.89) which has different hostnames
> registered in DNS (e.g. www.edge.no). Via the web interface, I choose to
> direct connections to 80.203.231.89 (outside IP) on port 80 to 10.0.0.128
> (inside IP) on port 80.
>
> This works as long as I connect to www.edge.no on port 80 from the outside
> of the router. However, when I try to access www.edge.no from the inside
> of the router (home LAN) I just get a connection timeout.
>
> Is there any way to fix this? The webpages on the server have some
> absolute references to www.edge.no. I have also problems with other
> services (mail, database etc.) when I try to access them from the LAN, or
> when the server tries to access itself via the external IP.
>
> (The Thomson Speedtouch 570i was sent me from my ISP as a replacement for
> a Cisco 677i. The old router did not have this problem).
>
> Any help would be greatly appreciated :-)


I'm not surprised. You might try traceroute to see where the packets get
lost ...

Clearly, if you are on the internal network, you should use the internal IP
address of the web server.

It is very bad practise to use absolute references to the local website. If
you use relative references it should all work using both the local and
external connections.

--
Graham J

Graham wrote:

> I'm not surprised. You might try traceroute to see where the packets get
> lost ...

Traceroute has no problems with the external IP:

F:\Documents and Settings\Øystein>tracert 80.203.231.89

Tracing route to SpeedTouch.edge.no [80.203.231.89]
over a maximum of 30 hops:

1 <1 ms <1 ms <1 ms SpeedTouch.edge.no [10.0.0.1]
2 <1 ms <1 ms <1 ms blade [10.0.0.128]

Trace complete.

However, the network address port translation does not work:

F:\Documents and Settings\Øystein>telnet 80.203.231.89 80
Connecting To 80.203.231.89...
Could not open connection to the host, on port 80: Connect failed

When I use the internal IP:

F:\Documents and Settings\Øystein>telnet 10.0.0.128 80
HEAD / HTTP/1.0
HTTP/1.1 302 Found
[...]

> Clearly, if you are on the internal network, you should use the internal IP
> address of the web server.
>
> It is very bad practise to use absolute references to the local website. If
> you use relative references it should all work using both the local and
> external connections.

It is not that simple. The server has a bunch of virtual hosts with
links between them (the virtual hostnames all resolve to the external IP).

The only solution I have found so far is to make an /etc/hosts file on
every computer inside the LAN that has a mapping between all the
hostnames and the inside IP addresses (such that the hosts file is used
instead of DNS). However, I don't find this very elegant, and I still
have problems with services that has the outside IP in config files etc. :-/

-Øystein

Øystein Skotheim wrote:

> Graham wrote:

>> Clearly, if you are on the internal network, you should use the internal
>> IP address of the web server.

....

> It is not that simple. The server has a bunch of virtual hosts with
> links between them (the virtual hostnames all resolve to the external IP).
>
> The only solution I have found so far is to make an /etc/hosts file on
> every computer inside the LAN that has a mapping between all the
> hostnames and the inside IP addresses (such that the hosts file is used
> instead of DNS). However, I don't find this very elegant, and I still
> have problems with services that has the outside IP in config files etc.

If you can't get a router that supports what you're trying to do, then
install BIND and set up DNS internally.

--
<http://ale.cx/> (AIM:troffasky) ((E-Mail Removed))
20:24:47 up 3 days, 6:43, 2 users, load average: 0.39, 0.36, 0.30
Yes. I'm just guessing.