Solved

Webserver networking question - how to allow access to public IP from local server itself?

Posted on 2015-02-12
6
316 Views
Last Modified: 2015-02-13
I am hosting a website in-house, it is to go live in a few weeks. I have setup the NAT and DNS so the server's internal IP is translated to an external IP, and we can access the server internally and externally using the external hostname on port 80.

The company that designed and built our website is telling me that I need to 'allow access to the public IP from your server locally'. I am not really sure how to accomplish this. Is this even possible? None of my webservers are able to 'access' themselves using their own external IP. I'm assuming it would be the same as http://localhost, but will not resolve as http://<external IP>. In the back of my mind I keep thinking this is intended, and not possible but not sure why. Can you help me clear this up?
0
Comment
Question by:CoSmismgr
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
6 Comments
 
LVL 6

Expert Comment

by:rgorman
ID: 40606347
To get a web server publicly accessible all you should need to do is:

1. setup a NAT rule to port forward TCP port 80 on your firewall/router to the internal IP address of your web server.
2. setup external DNS to resolve the FQDN of the name you want to use publicly to your WAN IP that you used to publish your web server.
3. setup internal DNS to resolve the same DNS FQDN to your internal IP on your server that is bound to your web site (if you have multiple IP's on the server you would need to make sure you edit your bindings on the web site to use the specific IP you configured your DNS resolution to use)

That should be it.  If you have any ip filters on your web site that limit access to localhost or 127.0.0.1 then you would need to change those to allow access from any other IP.  That might be what you are hitting now.

It is usually pretty simple to get your web site out and accessible from the Internet.
0
 
LVL 5

Author Comment

by:CoSmismgr
ID: 40606354
Thanks rgorman, but I'm not asking how to make the web server publicly accessible, that is all in place and working great. What I am asking is 'is it possible to allow a webserver to access itself via its external IP from the local server itself?'
0
 
LVL 57

Accepted Solution

by:
giltjr earned 500 total points
ID: 40607187
Typically no.  Most firewalls don't allow what is called hair pinning.  That is a IP address behind the firewall accessing another host behind the firewall using a public NAT on the firewall.

Even for the ones that allow this, I doubt very much they allow it for the host that they are performing the NAT for.

Did they say why they want to access the host using the public IP address from behind the firewall?
0
Secure Your WordPress Site: 5 Essential Approaches

WordPress is the web's most popular CMS, but its dominance also makes it a target for attackers. Our eBook will show you how to:

Prevent costly exploits of core and plugin vulnerabilities
Repel automated attacks
Lock down your dashboard, secure your code, and protect your users

 
LVL 5

Author Comment

by:CoSmismgr
ID: 40607296
They said it was required for the website's content management system to access the 'VMC' server over the internet, not sure what the VMC server is but it sounded like BS to me. Now they are saying it looks like my server is blocking AJAX requests or requests with no content header.. I'm no developer I have no idea what that means lol.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 40607608
Um, the only way that would be a requirement is VMC used IP addresses instead of the host name.

I would check with them and see if yo can get the documentation on "VMC".  The only "VMC"'s I am aware of deal with managing virtual hosts.

The only way I can think that the web server would block AJAX requests with out content headers is if it was the host name in the header and the web server was using named virtual hosts and the default host was different from the host that is suppose to be serving up the content.  If there the virtual host name is missing from the header, then something is sending HTTP 1.0 requests or something is sending in requests using the public IP address as the host name and again and this would cause a problem if the web server is doing virtual hosting by name.
0
 
LVL 5

Author Closing Comment

by:CoSmismgr
ID: 40608364
Thanks for the clarification and answering my additional question.
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

#Citrix #Citrix Netscaler #HTTP Compression #Load Balance
This article is a collection of issues that people face from time to time and possible solutions to those issues. I hope you enjoy reading it.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question