xeneixe
join:2005-05-06
Washington, DC | [Help Me] NAT doesn't seen to be working in my DI-524
I have a little web page in XP with an Apache 1.3.1 web server. I can see the web page within the LAN but can't get public access from outside. I enabled the virtual server HTTP on port 80 but still can't access it. Please help |
|
Talon88
The One
join:2003-08-13
Toronto
 ·Bell Sympatico
1 edit | :::
Look like wrong setting of the LAN HTTP Server IP
at the rules.....!
:::
--
[=Talon88=]
»DI-624 Firmware update w/ Crash Recovery Step by S --
»[Info] Some Clue about DI-624 Reboot |
|
ANoni
@cox.net | reply to xeneixe
Re: [Help Me] NAT doesn't seen to be working in my
If your ISP blocks port 80 you have to use a different port, like 81 for example. |
|
xeneixe
join:2005-05-06
Washington, DC | reply to xeneixe
Anoni: called my ISP and they don't block any traffic.
Talon88: My DI-524 is the one that handles the internal IPs. Should I change the settings to have my internal IPs to be static?
Thanks for your suggestions and help |
|
Bwuutje
join:2005-01-10
| Your problem is most likely not your router or your ISP.
It's probably your lack of knowledge and understanding of (destination) NAT and port forwarding.
I suggest you start reading here: »portforward.com/help/portforwarding.htm
Bwuutje. |
|
xeneixe
join:2005-05-06
Washington, DC
| Bwuutje
Read the article you recommended and my lack of knowledge still intact.
Following these instructions in the D-Link support page:
The device can be configured as a virtual server so that remote users accessing services such as Web or FTP services via the public (WAN) IP address can be automatically redirected to local servers in the LAN network. Depending on the requested service (TCP/UDP port number), the device redirects the external service request to the appropriate server within the LAN network. If you have a Web server that you wanted Internet users to access at all times, you would need to enable it. Web (HTTP) server is on LAN computer XXX.XXX.XXX.XXX (Internal IP address). HTTP uses port 80, TCP.
That is what I did
Thanks |
|
Bwuutje
join:2005-01-10
| "Should I change the settings to have my internal IPs to be static?"
Yes, it would be most helpful that the pc on which you have the webserver (or any other kind of server) running has a fixed IP-address. How else would the router know to which ip the traffic should be routed to ! Either entered it manually in its config or have it statically assigned by your DHCP-server in the router. (In case you do the first, make sure you do NOT use an IP-address from the DHCP-pool, but from the same subnet though !).
Also you do not have to "xxx" your internal IP-address out in your postings here, unlike some experts here, that is worthless info for a 'hacker'. Private ip-addresses can and will not be routed over the internet. Btw, MAC-addresses or NIC-types are pretty useless to them too.
Make sure you test it from the outside if you browse to a 'hostname' e.q. with the help of things like DynDNS. If you can ssh or so to a host 'outside' you can always test e.g. with lynx. (You ARE testing to your external ip-address, right ?). If not available, telnet to port 80 should tell you enough to see wether its working or not.
Bwuutje. |
|
frovingslosh
join:2003-08-28
Apex, NC
| reply to xeneixe
said by xeneixe  :Should I change the settings to have my internal IPs to be static?
Under the DHCP setting, assign your systems (or at least the ones that are servers) static IP addresses based on MAC address. Still allow the addresses to be handed out by DHCP. Make no change in the server itself, as far as it is concerned it gets it's address by DHCP.
Log in the server to the network. Note it's IP address. Then got to the router setup again and go to the advanced tab and set up a virtual server that will forward the desired port to port to that IP address.
That's it. |
|
ANoni
@cox.net
| reply to xeneixe
Re: [Help Me] NAT doesn't seen to be working in my DI-524
I can assure you it will work if everything is done correctly.
1. Stop blaming the router.
2. Use static IPS, forget about DHCP and static DHCP.
(I don't trust SOHO routers DHCP)
3. disable gaming mode, disable UPnP, enable discard ping from WAN side.
4. IF DSL (which you did not bother to specify if cable or DSL) set the MTU to 1432. Check the Virtual server setings, make sure that the port you wana forward is the only one in the list.
5. DMZ must be disabled.
6. check to see if the WAN IP is public or private, if it is private then yor are double NATting and that's a different ball game.
7. If wired PC, lock the NIC to 100 Mbps.
8. if you expect help at least give more details man!! |
|
xeneixe
join:2005-05-06
Washington, DC
| Re: [Help Me] NAT doesn't seen to be working in my
Anoni:
First of all let me thank you for taking the time and effort in trying to help me.
I did everything you suggested me and still cannot access the web page.
Here some more info:
PC = Pentium III 900 �€“256MB ram �€“ 10GB HD - Windows XP Pro �€“ SP2 �€“ Apache 1.3 ISP = Verizon DSL
This is what I have done besides what was suggested here:
·Turn off XP firewall
·Changing configuration of Apache
·Upgrading- degrading router�€™s firmware (now using 3.01)
·Using DMZ
·Using DHCP , using static IPs and a mix of static and dynamics (now using the web server static the other PC and the wireless DHCP)
·Changing firewall rules in the router
·Changing the listening port to 1000 (both in the router and in the web server config)
·Enable router�€™s remote management and I can see it from outside without any problems using the IP + 8080
And after trying all this, I get basically the same result. I can see the web page from the other two PCs in the network but can�€™t see it from outside. I can see the web page from inside the network even using the WAN IP. Registered with DynDns and I can see the web page from inside using the DynDns name that I created but doesn�€™t work from outside.
These are some of the settings in my router:
WAN
PpoP = Enabled
MTU = 1432 (it was 1492)
DHCP
DHCP server = Enabled --- Starting IP = 192.168.0.101 Ending = 192.168.0.199
Static DHCP Client List
stevito 192.168.0.100
Virtual Server ( the only one enabled)
Virtual Server HTTP 192.168.0.100 TCP 80/80 always
Firewall rules
AllowRemote Managment http Server WAN,* LAN,192.168.0.1 TCP,80-8080
AllowVirtual Server HTTP WAN,* LAN,192.168.0.100 TCP,80
Deny Default*,* LAN,* *,*
Allow Default LAN,* *,* *,*
DMZ = Disabled
Remote Management = Enabled
UPNP Settings = Disabled
Gaming Mode = Disabled
VPN = Enabled (both PPTP �€“ IPSec)
Multicast Streams = Enabled
Dynamic DNS = Disabled
Thanks again for any help that you or anybody else can give me with this. |
|
ANoni
@cox.net
| reply to xeneixe
Virtual Server HTTP 192.168.0.100 TCP 80/80 always
That might be the problem.
Delete that virtual server entry and set it up for port 82.
Configure web server for port 82.
Make sure you add the :82 in the address bar of browser when trying it out.
Dude it will work man, it has to.
Whenever I configure port forwarding in my router it works all the time.
Also play around with the WAN select settinng, this is known in the DI-524 routers. |
|
xeneixe
join:2005-05-06
Washington, DC | Dude didn't work.... I'm this close from going to best buy to get a linksys |
|
Jubz
@adelphia.net | reply to xeneixe
I see the same exact problem, even without NAT on this LINKSYS router. All other ports work, except for port 80. |
|
ANoni
@cox.net | reply to xeneixe
To the original poster just answer this question:
6. check to see if the WAN IP is public or private, if it is private then yor are double NATting and that's a different ball game. |
|
Jubz
@lsil.com
| reply to xeneixe
I'm not using NAT, but I have the same problem expressed in this thread. On my LAN, my webserver uses HTTP/80 just fine. However, incoming web traffic to this port is blocked (people get the "Error 404 - Bad Request" message). If I set the public port to TCP-80, the website is not seen. Port 81 is fine, and so is any other. I checked the firewall and the IP filter lists, and I don't see any reason why that traffic should be blocked. I'll appreciate any help ... |
|
Tsume
join:2004-02-23
Johnson City, TN | reply to xeneixe
Is remote admin enabled in your router ? |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
 ·Skype
| reply to xeneixe
said by xeneixe : DHCP DHCP server = Enabled --- Starting IP = 192.168.0.101 Ending = 192.168.0.199 Static DHCP Client List stevito 192.168.0.100 This won't work. A Static DHCP entry must have an IP address within the range of the DHCP server.
Reassign stevito to an IP between 192.168.0.101-199. Then make the same change to the Virtual Server entry.
After making that change, power-cycle your router and reboot stevito. After it boots, ensure that it was assigned the address by typing ipconfig /all at a command prompt.
--
Robb Topolski
http://www.funchords.com/
Hillsboro, Oregon USA |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
1 edit | reply to xeneixe
Re: [Help Me] NAT doesn't seen to be working in my DI-524
said by xeneixe :I have a little web page in XP with an Apache 1.3.1 web server. I can see the web page within the LAN but can't get public access from outside. I enabled the virtual server HTTP on port 80 but still can't access it. Please help The URL are you using to access this from within your LAN -- is it an IP or a name?
For example... http://192.168.0.100 http://stevito
--
Robb Topolski
http://www.funchords.com/
Hillsboro, Oregon USA |
|
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| reply to xeneixe
Re: [Help Me] NAT doesn't seen to be working in my
said by xeneixe : I can see the web page from inside the network even using the WAN IP. Registered with DynDns and I can see the web page from inside using the DynDns name that I created but doesn't work from outside. Aha, now that's a big clue!
said by xeneixe : I can see the web page from inside the network even using the WAN IP. What was the first two numbers of the WAN IP? For example, 68.204.xxx.xxx. This will tell me whether or not it is a routable IP.
--
Robb Topolski
http://www.funchords.com/
Hillsboro, Oregon USA |
|
ANoni
@cox.net | reply to xeneixe
dude has not answered the question regarding the WAN IP. |
|
