?
Solved

Web Server behind Firewall: Port Forwarding doesn't work

Posted on 2004-08-15
20
Medium Priority
?
755 Views
Last Modified: 2013-11-16
I'm trying to set up a website on IIS 5.  It's on a Windows XP machine behind a Linksys broadband router/firewall.

It's set up and running ok on port 8080 and is perfectly accessible either through
http://localhost:8080 or
http://192.168.1.69:8080

However, when I try to access the site using my WAN IP 82.0.x.x:8080 nothing comes up but IE's
Cannot find server: The page cannot be displayed
type page.

I have set the website's IP address in IIS to [All unassigned] and setup port forwarding on the Router (I've tried this both in Port Forwarding and UPnP forwarding - neither works).  When I check port 8080 for my WAN IP (82.0.x.x) on Shields Up! (https://www.grc.com/x/ne.dll?bh0bkyd2) it says that port 8080 is open (and it closes if I disable port-forwarding so that seems to be ok).  It doesn't seem to be forwarding to my PC though and I don't understand it.
0
Comment
Question by:SteveFerson
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 6
  • 5
  • 4
  • +3
20 Comments
 
LVL 15

Expert Comment

by:scampgb
ID: 11803799
Hi SteveFerson,

First thing I'd suggest is turn off "Friendly HTTP error messages" in IE.  It's a real pain, and doens't tell you exactly what's going on.

I'd try telnetting to your webserver from an external address.  This will eliminate IE from the enquiries.  To do this, type:
telnet (your IP) 8080
    (You should get a connection, but nothing appearing)
GET /

This should then return a load of HTML to you.

Also, check that the machine running IIS is configured to use the Linksys as it's default gateway.  Can you browse out to the Internet from it?

0
 
LVL 3

Expert Comment

by:pulupul
ID: 11803808
Are you sure that you are using the correct public internet IP address? This url will tell you even in case you are browsing through a transparent proxy set up by your ISP:
http://www.lagado.com/proxy-test
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11803833
I prefer http://www.whatismyip.com/ as it allways seems to work for me?

I host my website www.petenetlive.com behing a Linksys router, but I forward port 80 to my webserver, any reason why your using 8080? this is traditionally used for proxy server web access?

on mine the forward is set up in

"applications and gaming" > "port range forward"

one possible problem you may have is - linksys use port 8080 for remote router management and it may be disabled on the administration >management tab
0
Moving data to the cloud? Find out if you’re ready

Before moving to the cloud, it is important to carefully define your db needs, plan for the migration & understand prod. environment. This wp explains how to define what you need from a cloud provider, plan for the migration & what putting a cloud solution into practice entails.

 

Author Comment

by:SteveFerson
ID: 11803842
pulpul you may be onto something....

This request appears to have come via a proxy.

The proxy host is x.x.ntli.net which has ip address 62.254.x.x
The proxy informs us that the client host ip address was 82.0.x.x (my WAN IP)

Does that mean I won't be able to access the webserver from outside then?
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11803845
are you on NTL?
0
 

Author Comment

by:SteveFerson
ID: 11803846
I've set it to forward port 80 now as well and configured this in IIS so I should be able to try both but still nothing...
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11803847
I am and mine reports
The proxy host is cache4-midd.server.ntli.net which has ip address 62.254.64.15
0
 

Author Comment

by:SteveFerson
ID: 11803849
Yes, I'm on NTL broadband.
0
 
LVL 57

Accepted Solution

by:
Pete Long earned 80 total points
ID: 11803858
well proxy aint your problem - NTL only have one true proxy and your not supposed to know about it

"inktomi1-bri.server.ntl.com" on port 8080

cause its an NTL staff proxy

just as an experiment go to http://www.no-ip.com/ sign up for FREE access and get a URL from them
install the no-ip software on your webserver (if its on XP disable the ICF firewall)

then connect using the URL that no-ip gave you

this is how mine is set up Im on NTL broadband (600k)
0
 
LVL 3

Expert Comment

by:pulupul
ID: 11803885
You have a transparent proxy, but that is not a problem for incoming connections, I said that to ensure you are using the correct public IP.
Have you disabled Windows XP's internal firewall on the network card/modem that connects to the internet?
0
 

Author Comment

by:SteveFerson
ID: 11803888
Oh dear. I apologise for wasting everyone's time. Apparently it was working, I just can't see it from behind my Firewall/Router.  I got my g/f to check it and the site came up fine.. I am sorry - although it does confuse me a little.
0
 
LVL 3

Expert Comment

by:pulupul
ID: 11803895
How to disable it: Control panel-> Network connections -> right click on the network card or modem connected to the internet -> properties -> Advanced tab -> Uncheck that and accept. If you want to keep the firewall on and open the 80 or 8080 ports, you can do that too, by clicking on "configuration" button, and in the services tab, cheching Web Server (HTTP). I would try first completly disabling the firewall, and if that works, enable it and open the port.
0
 
LVL 3

Expert Comment

by:pulupul
ID: 11803901
Then, maybe in the router you are only redirecting the incoming connections that come from the internet network card/modem, and not those coming from your LAN.
When you, from your PC, go to your public IP address, you are going to your router, which should send the connection (thanks to port forwarding) back to your pc. Maybe the router is only configured to forward connections coming from the internet, and not LAN.
0
 

Author Comment

by:SteveFerson
ID: 11803969
That sounds most likely, but there don't appear to be any settings in the router config to change this.  It's not a big deal though, as long as I know it works from outside.  Thanks anyway guys...
0
 

Expert Comment

by:smoke184
ID: 11804016
Just an FYI to this discussion. I don't know about where you are , but here port 8080 as well as port 80 are blocked by the local ISP, ( to keep keep people from runninf web servers over personnal accounts. Change the port to 8001 or some other available port, if it's dynamic register with DYNDNS.ORG to elimate that problem also. I install a lot of IP Net Cameras. That was my work-around..........:)
0
 

Author Comment

by:SteveFerson
ID: 11804039
lol thanks for the advice, and FYI I'm in Northern Ireland lol

Here in the UK, NTL allow you to have a webserver running (I was as surprised as anyone lol) so that's not the prob.  Like I said it seems to work fine outside my LAN, apparently the router just doesn't forward the ports on internal requests.
0
 

Assisted Solution

by:jmitkin
jmitkin earned 80 total points
ID: 11804227
With Linksys you can put your windows xp machine running IIS under DMZ zone and I think this will solve your problem.
0
 
LVL 57

Expert Comment

by:Pete Long
ID: 11804447
Thats correct ^^

depending on the amount of clients you have you can point them to your webserver using hostfiles as well :)
0

Featured Post

WordPress Tutorial 4: Recommended Plugins

Now that you have WordPress installed, understand the interface, and know how to install new parts, let’s take a look at our recommended plugins.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article is in regards to the Cisco QSFP-4SFP10G-CU1M cables, which are designed to uplink/downlink 40GB ports to 10GB SFP ports. I recently experienced this and found very little configuration documentation on how these are supposed to be confi…
This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
Suggested Courses

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question