need help accessing http server

[Gene]

Archived from groups: comp.dcom.wan (More info?)

I'm running Apache HTTP Server (port 80) on my computer behind a Netgear
RP614 router.
The router is connected to a SpeedStream DSL modem, using SBC DSL.

My IP on the subnet is 192.168.0.6.
I can access the servers (as a client) using http://192.168.0.6:80 or
http://localhost:80

However, giving my browsers http://64.161.25.126:80 returns a connection
refused dialog box.
(64.161.25.126 is the WAN IP on the router, and the router is set to forward
port 80 to my computer, 192.168.0.6.)


Other computers on the subnet (like 192.168.0.2) can access the server using
http://192.168.0.6:80, but none can access it through
http://64.161.25.126:80.

Any idea what the problem could be?

 

[Guest]

Archived from groups: comp.dcom.wan (More info?)

|Other computers on the subnet (like 192.168.0.2) can access the server using
|http://192.168.0.6:80, but none can access it through
|http://64.161.25.126:80.

This is not possible with some firewall implementations. They can't loop
the packets to the outside back to the external interface and translate
the address to the inside box. Either live with the private addresses,
or use domain names that resolve to private addresses on the inside and
public addresses on the outside.
--

 

[Guest]

Archived from groups: comp.dcom.wan (More info?)

jhkyvxj@lvgpqa.com wrote:

> |Other computers on the subnet (like 192.168.0.2) can access the server using
> |http://192.168.0.6:80, but none can access it through
> |http://64.161.25.126:80.

> This is not possible with some firewall implementations. They can't loop
> the packets to the outside back to the external interface and translate
> the address to the inside box. Either live with the private addresses,
> or use domain names that resolve to private addresses on the inside and
> public addresses on the outside.

Split DNS is a good solution. Note that if it did the translation
as you ask, it likely would be slow. At the very least every
packet does through the ethernet twice, but many small routers
can't do NAT at 100baseTX speeds, and maybe not even 10baseT
speed.

With split DNS users see the same name on both sides.

A 486 running FreeBSD or Linux makes a fine DNS server,
and you likely won't complain about the cost.

-- glen

 

[Gene]

Archived from groups: comp.dcom.wan (More info?)

The situtation is different from what I thought.

Turns out that anyone OUTSIDE our subnet CAN see my server. It's ONLY the
computers behind our router (i.e. 192.168.0.x) that can't access it through
the router's WAN IP.


<jhkyvxj@lvgpqa.com> wrote in message
news:9suXc.9099$D7.7592@news-server.bigpond.net.au...
> |Other computers on the subnet (like 192.168.0.2) can access the server
> using
> |http://192.168.0.6:80, but none can access it through
> |http://64.161.25.126:80.
>
> This is not possible with some firewall implementations. They can't loop
> the packets to the outside back to the external interface and translate
> the address to the inside box. Either live with the private addresses,
> or use domain names that resolve to private addresses on the inside and
> public addresses on the outside.
> --

 

[Guest]

Archived from groups: comp.dcom.wan (More info?)

Gene wrote:
> I'm running Apache HTTP Server (port 80) on my computer behind a Netgear
> RP614 router.
> The router is connected to a SpeedStream DSL modem, using SBC DSL.
>
> My IP on the subnet is 192.168.0.6.
> I can access the servers (as a client) using http://192.168.0.6:80 or
> http://localhost:80
>
> However, giving my browsers http://64.161.25.126:80 returns a connection
> refused dialog box.
> (64.161.25.126 is the WAN IP on the router, and the router is set to forward
> port 80 to my computer, 192.168.0.6.)
>
>
> Other computers on the subnet (like 192.168.0.2) can access the server using
> http://192.168.0.6:80, but none can access it through
> http://64.161.25.126:80.
>
> Any idea what the problem could be?
>
>

yes. The problem is your "router" does not support NAT loopback.

You can only access your own boxes via their private addresses unless
you are in the public side of thr router.

 

[Guest]

Archived from groups: comp.dcom.wan (More info?)

Gene wrote:

> The situtation is different from what I thought.
>
> Turns out that anyone OUTSIDE our subnet CAN see my server. It's ONLY the
> computers behind our router (i.e. 192.168.0.x) that can't access it through
> the router's WAN IP.

Yes. This is exactly how it should behave.

There is no way to make a 192.168.0.x addressed box see the public
public address of your server with the "router" you are using.