Hosting Web behind ADSL

M

marcf69

New Member
Joined
Dec 12, 2003
Messages
2
Reaction score
0
Location
.
Please help - I am trying to host some ftp/http pages on my local LAN behind my ADSL connection. I am using a Telkom POTS ADSL modem/router.

I have set up PAT to point all the incoming port 80 and port 21 connections to a PC on my network running IIS (please dont comment about Linux and Security! [:D])but I am getting nothing coming up when I test it at the external IP address from within the network.

I am running a Watchguard Soho 6 tc FW which has the ports 80 and 21 opened for inbound

any ideas would be greatly appreciated.

M
 
<blockquote id="quote"><font size="1" face="Verdana, Arial, Helvetica" id="quote">quote:<hr height="1" noshade id="quote"><i>Originally posted by marcf69</i>
I am getting nothing coming up when I test it at the external IP address from within the network.
<hr height="1" noshade id="quote"></blockquote id="quote"></font id="quote">

You can't do that, NAT prevents it. Get someone outside your network to test it with your WAN IP. Test locally with the LAN IP.
 
NAT doesnt prevent it exactly. You just need to forward the port to your internal IP, how you do that depends entirely on the router/software etc.

<hr noshade size="1">
"Since light travels faster than sound, people appear bright until you hear them speak."

NetLink Research
 
<blockquote id="quote"><font size="1" face="Verdana, Arial, Helvetica" id="quote">quote:<hr height="1" noshade id="quote"><i>Originally posted by Karnaugh</i>
<br />NAT doesnt prevent it exactly. You just need to forward the port to your internal IP, how you do that depends entirely on the router/software etc.
<hr height="1" noshade id="quote"></blockquote id="quote"></font id="quote">

The port forwarding will work allright, but he still won't be able to http://hisdomain.com while on the LAN. It will have to be http://[LAN IP].
 
I am not sure if this will help but here goes.

I run a web server on my LAN at home which is connected to the web through ADSL. I use http://www.no-ip.info to act as my DNS server which points to my dynamic IP which is assigned to me by Telkom.

People can then find my server (no matter what the IP) on http://whatever.no-ip.info

Their service is free which is great and you can even connect http://www.yourowndomain.com to it. Works fine. I managed to get the FTP service running as well which is accessible through ftp://whatever.no-ip.info

This was done with little trouble as the biggest problem was getting people outside to easily connect to whatever service I have running at my end without having to hassle to find out my current IP.

I have the same config as you in terms of ADSL hardware. Works fine. Currently reconfuring everything for 2004 and will post a link here as soon as I have a decent site going.

The setup looks like this:

- Web server software: Apache 2.0 (http://www.apache.org)
- FTP server software: Rhino FTP server (http://www.rhinosoft.com)
- IP redirecting: Done through http://www.no-ip.info (get small piece of software that keepts their DNS in the know as to what your IP is)

I am currently working on Linux box. Got it to automatically connect to ADSL without me prompting it to. It also has built in web and ftp services which is quite fast. The Linux box also surfs faster than my windows machine for some odd reason. Much faster infact! It is a Red Hat Shrike box.

Hope this helps.

Cheers all and happy new year!

<blockquote id="quote"><font size="1" face="Verdana, Arial, Helvetica" id="quote">quote:<hr height="1" noshade id="quote"><i>Originally posted by marcf69</i>
<br />Please help - I am trying to host some ftp/http pages on my local LAN behind my ADSL connection. I am using a Telkom POTS ADSL modem/router.

I have set up PAT to point all the incoming port 80 and port 21 connections to a PC on my network running IIS (please dont comment about Linux and Security! [:D])but I am getting nothing coming up when I test it at the external IP address from within the network.

I am running a Watchguard Soho 6 tc FW which has the ports 80 and 21 opened for inbound

any ideas would be greatly appreciated.

M
<hr height="1" noshade id="quote"></blockquote id="quote"></font id="quote">

He who does not understand the value of war at the right time, cannot comprehend the value of life at any time - Anonymous
 
<blockquote id="quote"><font size="1" face="Verdana, Arial, Helvetica" id="quote">quote:<hr height="1" noshade id="quote"><i>Originally posted by Andre</i>
<br /><blockquote id="quote"><font size="1" face="Verdana, Arial, Helvetica" id="quote">quote:<hr height="1" noshade id="quote"><i>Originally posted by Karnaugh</i>
<br />NAT doesnt prevent it exactly. You just need to forward the port to your internal IP, how you do that depends entirely on the router/software etc.
<hr height="1" noshade id="quote"></blockquote id="quote"></font id="quote">

The port forwarding will work allright, but he still won't be able to http://hisdomain.com while on the LAN. It will have to be http://[LAN IP].
<hr height="1" noshade id="quote"></blockquote id="quote"></font id="quote">

Andre is correct on this one. I also use a dynamic ip address to point to my linux box and it generally works fine. However, as a rule, ths ite cannot be accessed from within the network using the external ip address or the url. The reason for this is that it points back to the router after having gone out to the internet and it appears to cause a loop which the router cannot handle.

When using the lan ip address, it will load only the main index page. When you then try to follow a link from the main page, you get into the loop again.

The way I've solved the problem is by using transparent proxying with squid and iptables i.e. all outgoing requests via port 80 are automatically redirected to port 8080 on squid and squid correctly interprets the url as local and serves the pages from within the network.

I also run a secure site (virtual hosting with apache) and have noted that transparent proxying does not work for port 443. However, if you manually configure your browser to use the proxy, it works like a dream.

Accessing FTP from the internal network using the external ip/url will not work, but pointing your ftp client to the internal ip address should work just fine. I have not tried transparent proxying for ftp purposes, but I suspect that it will not work with squid since while it can do ftp proxying, I do not think you can redirect to a different port.

Cheers,
Vincent
 
<blockquote id="quote"><font size="1" face="Verdana, Arial, Helvetica" id="quote">quote:<hr height="1" noshade id="quote"><i>Originally posted by vincent</i>
When using the lan ip address, it will load only the main index page. When you then try to follow a link from the main page, you get into the loop again.
<hr height="1" noshade id="quote"></blockquote id="quote"></font id="quote">

It will fail if your links look like
&lt;a href="http://mydomain.com/page2.htm"&gt;Page 2&lt;/a&gt;

instead of simply

&lt;a href="page2.htm"&gt;Page 2&lt;/a&gt;
 
I had the same loopback issue with my hosted web page, so simply added my domain name for my web site to my hosts file with the LAN ip.

Thus if you lookup your domain from internal, it will always give the LAN address. If you have a local cache dns, add this in instead of using lousy hosts files, then all your LAN clients have the benifit.

;-)

Cheers
Bob
 
You must log in or register to reply here.
Back
Top
Sign up to the MyBroadband newsletter
X