run web server behine router

Discussion in 'Linux Networking' started by quickcur, Jul 16, 2006.

  1. quickcur

    quickcur Guest

    I run Apache on my home PC which is behind a Netgear router. It gets
    dynamic IP address from Comcast. I would like to visit the web server
    from outside. I went to dyndns.org and registered an account
    "mydomin.dyndns.org". I also did port-forwarding (port 80 for http) on
    my router. But I can not "ping" or visit my web server from outside
    with browser.

    I do not think my isp is blocking port 80 because if I do not use the
    router, I can visit the web server from outside.

    What did I do wrong?

    Thanks

    qq
     
    quickcur, Jul 16, 2006
    #1
    1. Advertisements

  2. Hello,

    You most likely did not properly configure the router, since that is what
    is failing (it works without the router). This means that it cannot be a
    DNS issue, and it certainly cannot be an IIS issue (is IIS even involved
    in this?).

    If you are sure you have properly configured the router, do you really use
    a machine outside the router? If not, perhaps your router does not support
    loop-back?
     
    Kristofer Gafvert, Jul 16, 2006
    #2
    1. Advertisements

  3. quickcur

    Larry Finger Guest

    Which Netgear router? Is your firmware up to date? The router firmware or configuration seems to be
    the problem.

    I have a similar setup with my Linksys WRT54G router connected to Time Warner Roadrunner service. On
    one of my internal machines I run a subversion server for the sources in a couple of program
    projects that I host. I also have a registered a domain name with DynDNS.com. The only thing I had
    to worry about is that I have 3 other computers behind the NAT router and I use DHCP for them. To
    ensure a constant IP address for the SVN server, I assigned a fixed IP address outside the dynamic
    range. This way the server always has the same internal address for router forwarding of the SVN
    packets.

    Larry
     
    Larry Finger, Jul 16, 2006
    #3
  4. quickcur

    Guest Guest

    Ping is a different port and probably blocked by your isp as well as
    your router.

    If You can reach the web page from outside with out the router you have
    'nt got the forwarding right in the router. FYI your router may be
    blocking the returned info from your website to the outide world.
     
    Guest, Jul 16, 2006
    #4
  5. quickcur

    quickcur Guest

    Thanks for your emails.

    Here is my router config from http://192.168.1.1/start.htm

    # Service Name, Start Port, End Port, Server IP Address
    1 AIM 5190 5190 192.168.1.2
    2 HTTP 80 80 192.168.1.2

    I do not know what else I should do.
     
    quickcur, Jul 16, 2006
    #5
  6. Get rid of the router and install Windows 2000 server as a stand-alone on an
    old 500mhz box, with two NICs and configure RRAS as a router. and RAS and
    configure inbound and outbound packet filters. You'll need to spend some big
    bucks to get the same features in a store bought router.

    --
    Best regards,
    Kevin D. Goodknecht Sr. [MVP]
    Hope This Helps
    ===================================
    When responding to posts, please "Reply to Group"
    via your newsreader so that others may learn and
    benefit from your issue, to respond directly to
    me remove the nospam. from my email address.
    ===================================
    http://www.lonestaramerica.com/
    http://support.wftx.us/
    https://secure.lsaol.com/
    ===================================
    Use Outlook Express?... Get OE_Quotefix:
    It will strip signature out and more
    http://home.in.tum.de/~jain/software/oe-quotefix/
    ===================================
    Keep a back up of your OE settings and folders
    with OEBackup:
    http://www.oehelp.com/OEBackup/Default.aspx
    ===================================
     
    Kevin Goodknecht [MVP], Jul 16, 2006
    #6
  7. quickcur

    Larry Finger Guest

    I do this with a $70 Linksys WRT54G, which takes a whole lot less electricity that any old 500 MHz
    box, didn't cost me a Windows 2K license, and has never given me a BSOD! In addition, it is a
    wireless AP.

    Larry
     
    Larry Finger, Jul 17, 2006
    #7
  8. quickcur

    biggerdigger Guest

    I am looking myself for an ISP which allows me to run my own servers,
    including a web server, of course, on my own computer. Out of curiosity
    I checked COMCAST's terms of service. COMCAST hides the terms quite
    well. Anyway, they offer the same kind of sickening service like COX
    and VERIZON do. Have a closer look at section 14.

    http://www.comcast.net/terms/use.jsp

    Prohibited uses include, but are not limited to, using the Service,
    Customer Equipment, or the Comcast Equipment to:
    ....
    run programs, equipment, or servers from the Premises that provide
    network content or any other services to anyone outside of your
    Premises LAN (Local Area Network), also commonly referred to as public
    services or servers. Examples of prohibited services and servers
    include, but are not limited to, e-mail, Web hosting, file sharing, and
    proxy services and servers;
    ....

    To me, it does not matter whether an ISP limits my Internet access or
    the Chinese government. Welcome to the not-so-free Internet in the USA!

    I also found the following introduction quite interesting. Loan-sharks
    have better terms!

    Important Note: Comcast may revise this Acceptable Use Policy (the
    "Policy") from time to time without notice by posting a new version of
    this document on the Comcast Web site at http://www.comcast.net (or any
    successor URL(s)). All revised copies of the Policy are effective
    immediately upon posting. Accordingly, customers and users of the
    Comcast High-Speed Internet Service should regularly visit our web site
    and review this Policy to ensure that their activities conform to the
    most recent version. In the event of a conflict between any subscriber
    or customer agreement and this Policy, the terms of this Policy will
    govern. Questions regarding this Policy and complaints of violations of
    it by Comcast customers and users can be directed to
    http://www.comcast.net/help/contact/.
     
    biggerdigger, Jul 17, 2006
    #8
  9. I get Verison Fios for business, 5 static IPs, 5M/2M, and all the
    servers I want for $100/month. No-one is limiting anything, but you
    gotta pay more if you want something more than consumer service.

    [Note, the requirement to pay more money for a better class of service
    doesn't count as a 'limitation' or an infringement on your civil
    rights.]
     
    William P.N. Smith, Jul 17, 2006
    #9
  10. quickcur

    Dave Guest

    where can i get that $100/mo service????

     
    Dave, Jul 17, 2006
    #10
  11. quickcur

    biggerdigger Guest

    Let's try the common sense approach here, shall we? Most people cannot
    afford additional charges of $100/month to their telco bill. The math
    is quite simple. The telcos know that.

    And what kind of service do we get? Is your telco going to fix your
    problem on your server? I doubt it. What exactly is different if
    someone runs a server? The bandwidth from the customer to the CO is
    already crippled by an order of magnitude. Does anything depend on from
    where the connection was initiated? What exactly is the justifications
    for the COMCAST COX VERIZON Chinese Government style terms of services?
    Why do the telcos have a problem to be upfront with their terms of
    service? When I contacted Verizon, I was told on the phone that I can
    only get the terms of service with my order. Go to the telcos web sites
    and see if you find the terms of service on the same page where you
    sign up. Do you smell a rat?

    The telcos cripple all services because they want to sell them over and
    over again. And they want to prohibit people from running servers,
    because the telcos are planning to expand their service monopoly in the
    future. That is why we cannot run servers on our computers. That is why
    they are selling junk.

    Some telcos even cripple the firmware of their customers' phones. How
    sick is that?
    http://digg.com/gadgets/Verizon_Cripples_RAZR_Phones_Audio_Ability
     
    biggerdigger, Jul 18, 2006
    #11
  12. William P.N. Smith, Jul 18, 2006
    #12
  13. How do you go from "I can't afford it" to "these restrictions are like
    those that the Chinese government imposes on everyone in China"?

    Yes, it's all about economics, you can have any bandwidth, and run any
    servers you want as long as you are willing to pay for the priviledge.
     
    William P.N. Smith, Jul 18, 2006
    #13
  14. quickcur

    Dave Guest

    yeah, tracked it down... not available here. currently paying almost
    $200/mo for 128kb isdn plus separate isp since verizon doesn't do idsn isp
    service any more. they'll take your money for the line, but won't give you
    anything but that now. t1 quoted over $2k/mo out here in the sticks.

     
    Dave, Jul 18, 2006
    #14
  15. quickcur

    quickcur Guest

    Come on, guys, stop. Please do not talk about China, we are in USA.

    I do not care about their contract, yet. All I want right now is to
    prove that I can setup a server and people can access it. It seems to
    be true because if I take out the router, everything works fine. Now,
    my problem is how to run my server behind router? Did anyone find any
    trick that is not commonly known?

    Please help with my problem.

    qq

     
    quickcur, Jul 19, 2006
    #15
  16. Back to the OP and his original problem. If it definitely works from
    outside without the router, then the router is not doing the right
    thing. Make sure you have the latest firmware, and that you are
    pointing at the LAN IP that you think you are. Better yet, either use
    port triggering, or a static LAN IP to ensure that your 'server' can't
    inadvertently move.
     
    William P.N. Smith, Jul 19, 2006
    #16
  17. quickcur

    BobT Guest

    William P.N. Smith wrote:

    I'd second this - the following works for me.

    1) assign your server PC a static IP number with a high last one - like
    192.168.1.200
    2) on the router make sure that the IP numbers available for dynamic
    dishing out to the other computers in the place do not go as high as
    192.168.1.200 - restrict them to maybe 192.168.1.100 and below.
    3) set port forwarding on the router for port 80 to 192.168.1.200

    That should do it.

    BobT
     
    BobT, Jul 19, 2006
    #17
  18. quickcur

    medman Guest

    The way to get around the COMCAST problem and use their service to be
    an ISP is to use ports out of the range of their scanners. Any port
    above 100000 should do the trick.
     
    medman, Jul 19, 2006
    #18
  19. quickcur

    Tauno Voipio Guest

    It won't do - the port number is an 16 bit unsigned integer with
    a maximum value of 65535.

    I'd start attempting with a port above 49152 (0xc000).
     
    Tauno Voipio, Jul 19, 2006
    #19
  20. Yeah, that'll be well out of the range of anyone's scanners. 8*)
    [Hint, port numbers are 0-64K]
     
    William P.N. Smith, Jul 19, 2006
    #20
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.