Thread ID: 141912 2016-03-22 05:26:00 Port forwarding to access my home web server chiefnz (545) Press F1
Post ID Timestamp Content User
1417927 2016-03-22 05:26:00 Ok so I am running a CentOS 7 based webserver at home.

Nothing fancy just serving up a simple website... for now but more complexity to come later.

The trouble I'm having now is that I cannot seem to get port forwarding working on my modem which to be frank is the standard Vodafone POS Huawei HG659 unit.

So here's the guts of things:


I have a static IP address supplied by Vodafone.
I can get to the router login via the provided static IP address.
The server has a static IP on the local network.
I've set up the following port forward rule.

Mapping name: "mywebserver"
Application: WebServer(HTTP)
Internal Host: Set to the server's ethernet connection. Note there is no way to set this by MAC or IP address on the modem just a drop down selection menu listing all the devices currently connected to the modem.

I've pretty much "allowed" all http/https traffic through the firewall on the webserver.... probably a bit risky but given I am only getting as far as the modem login screen probably not a major issue right now.


Disclaimer: I am looking at potentially getting a new modem with a little more "Smarts" than the current POS I have but before I go forking out $150+ for new router I want to be absolutely sure this will not work on the modem I have.
I am aware others have gotten it to work... but just about all the posts I've read the same people went ahead and bought a new router anyways so not much of a benchmark to be fair.

Any advice would be helpful.

Thanks in advance.
chiefnz (545)
1417928 2016-03-22 07:12:00 Are you trying to connect from outside your LAN?
Turn off the router's web control panel on the external interface!
fred_fish (15241)
1417929 2016-03-22 07:22:00 Yea you shouldn't be able to access the router from the internet side!
However if you are testing from your internal network then you will have issues, you need to be able to test from another internet connection.
CYaBro (73)
1417930 2016-03-22 08:01:00 Are you trying to connect from outside your LAN?
Yes I've been testing access from my tablet via 3G/4G mobile broadband - no dice!


Turn off the router's web control panel on the external interface!
Forgive my ignorance but any ideas on how to do this? I've been through all the menu options and there is nothing blatantly obvious that allows me to do this?


On another note... given this issue and the future need for some more "advanced" networking needs (VPN, FTP etc.) I'm looking at getting a new modem... any suggestions?

I've been looking at a few Draytek, DLink, Netgear and Asus models.

I need something with the following...

VDSL/VDSL2+ etc and UFB capable.
SPI firewall
NAT/port forwarding
VPN (would be nice but not essential... at this stage)
FTP/SAMBA etc.
Dual band WiFi providing 802.11b/g/n/a/ac etc.
At least 4 Gb ports plus 1 for WAN (UFB)
USB ports optional but would be nice to have.

Thanks for the replies.

Cheers.
chiefnz (545)
1417931 2016-03-22 08:24:00 I've got one I'm just using as a wireless AP & Gb switch so can't test from "outside", but it looks like the web control panel is only available on the LAN side anyway - my guess is your tablet is still using wireless, so port 80 on your router address is serving its own page.
How exactly are you addressing it?
Can you connect directly to your server (by LAN IP or name) and get your webserver?

Edit: You probably don't need a new router, if you're running CentOS anyway, just use that to provide your VPN, FTP, whatever services you want.

Edit: doesn't the 659 hit all those specs anyway?
fred_fish (15241)
1417932 2016-03-22 09:09:00 I feel your pain, that router is a pile of garbage and we can't replace it because the landline won't work. :annoyed:

However I have managed to forward several ports, make sure port 80 (specifically) is open on the server too.

Also, if you're trying to access the server with HTTPS, that's a different port that will take you to the router page by default.
pcuser42 (130)
1417933 2016-03-22 12:03:00 Hi chiefnz,

Check that you are allowed to do this, ISP may be blocking.

I would assume your port forwarding rules sound correct.

I do not know how you serve your files, what location do they reside in?


Firewall may be interfering:

Test method not best, is turn your firewall off.

#systemctl stop firewalld
#systemctl disable firewalld

We will turn it on when things are all working and create the right rules for it.

I would turn off SELinux too unless you know how to make policies for it, although httpd ones do exist, just making sure the directory is correct can be troublesome too, usually again I set this up after I have my web server running correctly.

vi /etc/selinux/config

change line to say SELINUX=disabled
and reboot your computer.

So what web server are you running? Did this help? We may need to view logs to see if there's any hints. Another test you could try is telnet, nc, wget to see a more verbose reason why outside connections aren't happening.

Unfortunately, I'll forever be writing it from my phone, so I'll try and return when I am behind a computer.

Cheers,

KK
Kame (312)
1417934 2016-03-22 21:04:00 I've got one I'm just using as a wireless AP & Gb switch so can't test from "outside", but it looks like the web control panel is only available on the LAN side anyway - my guess is your tablet is still using wireless, so port 80 on your router address is serving its own page.
How exactly are you addressing it?
Can you connect directly to your server (by LAN IP or name) and get your webserver?

Edit: You probably don't need a new router, if you're running CentOS anyway, just use that to provide your VPN, FTP, whatever services you want.

Edit: doesn't the 659 hit all those specs anyway?



I definitely have WiFi disabled on the tablet and using mobile broadband.
I am using the static IP provided to me by my ISP (Vodafone). Strangest thing is that even if I use myipaddress it always translates to https? Even if I did http: I still get the https link.
The 659 does have all those specs but in all honesty it is quite frankly a "consumer" based product and I'd like something with a little more smarts and advanced features.




I feel your pain, that router is a pile of garbage and we can't replace it because the landline won't work. :annoyed:

However I have managed to forward several ports, make sure port 80 (specifically) is open on the server too.

Also, if you're trying to access the server with HTTPS, that's a different port that will take you to the router page by default.




Amen to the router being a POS.
Server definitely has firewalld configured to allow http/s traffic through as I can access it from any device on the LAN.
Even if I did http://myipaddress:80 I still get the https link.



Hi chiefnz,

Check that you are allowed to do this, ISP may be blocking.

I would assume your port forwarding rules sound correct.

I do not know how you serve your files, what location do they reside in?


Firewall may be interfering:

Test method not best, is turn your firewall off.

#systemctl stop firewalld
#systemctl disable firewalld

We will turn it on when things are all working and create the right rules for it.

I would turn off SELinux too unless you know how to make policies for it, although httpd ones do exist, just making sure the directory is correct can be troublesome too, usually again I set this up after I have my web server running correctly.

vi /etc/selinux/config

change line to say SELINUX=disabled
and reboot your computer.

So what web server are you running? Did this help? We may need to view logs to see if there's any hints. Another test you could try is telnet, nc, wget to see a more verbose reason why outside connections aren't happening.

Unfortunately, I'll forever be writing it from my phone, so I'll try and return when I am behind a computer.

Cheers,

KK



I'm using the standard location - /var/www/html
Even with SELinux disabled I still get the same problem i.e. the gateway home page. Getting to the website via internal network actually worked before I disabled SELinux.
I do suspect this is ISP related as they are able to push firmware updates to the modem.... though having said that they'd probably use something like SSH/SFTP but given what I've seen from other ISP's it wouldn't surprise me if they were using https to update the firmware etc.
Using the standard Apache webserver which comes with CentOS 7 (15.11 build)


I'm going to go modem shopping later and see what I can pick up.

Thanks for all the replies... even though it's not working I'm quite happy that I have performed most if not all of the suggestions provided so tick box for troubleshooting knowledge. :)

Cheers,
chiefnz (545)
1417935 2016-03-22 21:27:00 I feel your pain, that router is a pile of garbage ......

.....garbage for anything but basic/home usage :)
OK for most people who will never port forward/DMZ etc

Is the wifi on it as bad as many claim ?

I found (on 2 of those) some ports simply will not actually forward, even DMZ some ports stay blocked
I'd bet that since it's designed to allow the ISP's help desk easy access to it, to check settings etc, perhaps some ports will be assigned for the ISP's back door
in their custom firmware.
1101 (13337)
1417936 2016-03-22 23:58:00 Aah, you're being redirected to HTTPS - you might have to disable remote management in the router, but I can have a look when I get home and see what else I can find that might help. :)
Another thought, clear the cache on the browser you're trying to access the server from.
Port 8080 (IIRC) is reserved but port 80 isn't. Otherwise my server would be useless ;)
pcuser42 (130)
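
Added example, not part of any post in this thread: a single raw request to port 80 that does not follow redirects and uses no browser cache, so it shows whether the public address is answered by the forwarded web server, by something redirecting to HTTPS (the symptom reported above), or by nothing at all. The names `probe_http`, `classify` and `expect_server` are made up for this sketch, and it assumes the web server itself is not configured to redirect HTTP to HTTPS.

```python
import http.client
import socket
import sys


def classify(status, location, server, expect_server="Apache"):
    """Name the likely responder from one un-followed HTTP response."""
    if 300 <= status < 400 and (location or "").lower().startswith("https://"):
        # Assumption: the web server itself has no HTTP-to-HTTPS redirect,
        # so this answer came from something in front of it (e.g. the router).
        return "https-redirect"
    if expect_server.lower() in (server or "").lower():
        return "expected-server"
    return "other-responder"


def probe_http(host, port=80, timeout=5.0, expect_server="Apache"):
    """Send a single GET / and report what answered, bypassing any browser cache."""
    conn = http.client.HTTPConnection(host, port, timeout=timeout)
    try:
        conn.request("GET", "/")
        resp = conn.getresponse()
        status = resp.status
        location = resp.getheader("Location")
        server = resp.getheader("Server")
    except ConnectionRefusedError:
        return {"verdict": "refused"}       # active reject: no listener reachable on that port
    except (socket.timeout, TimeoutError):
        return {"verdict": "no-response"}   # packets dropped somewhere on the path
    except (OSError, http.client.HTTPException) as exc:
        return {"verdict": "error", "detail": str(exc)}
    finally:
        conn.close()
    return {"verdict": classify(status, location, server, expect_server),
            "status": status, "location": location, "server": server}


if __name__ == "__main__":
    # Run from a connection outside the LAN; pass the public address as argv[1].
    target = sys.argv[1] if len(sys.argv) > 1 else "127.0.0.1"
    print(probe_http(target))
```

A verdict of `https-redirect` or `other-responder` together with the reported `Server` header points at the device answering in place of the web server; `refused` and `no-response` point at the forward rule or filtering before the request ever reaches it.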