Do I need a full-fledged WAN router to run a home web server?

Hello

I want to set-up a home web server. It won't be an issue to get a static IP and to run a server (spoke about that with my ISP already).
The difficult part is the hardware. My budget is tight and I don't feel like investing money into buying an additional hardware, unless I absolutely have to. What I have right now is a DSL modem that has SOME (keyword SOME!) router capabilities. It's basically 3 in 1. It's a DSL modem, a Wi-FI AP and Ethernet switch. I don't need it as a modem, since I don't have DSL here (the device is from another apartment and even country -- long story and not relevant). Right now I use it as a switch and AP. I really do NOT need this nice device to get online, it's just it's more convenient to get rid of wires on the floor. Some fools think that I have a Wi-Fi Internet at home or DSL. AGAIN -- it's NEITHER. It's a RJ-45 Ethernet PPPoE connection to the ISP.
P.S. Frankly, it's not even a money issue -- I'm afraid to buy Chinese crap that produces a high-pitched noise (kinda zzzzzzzzzzzzzz!) while working and I can hear it and it drives me crazy (already returned couple of devices to the store).
papakotaAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Lee W, MVPTechnology and Business Process AdvisorCommented:
It's unwise to put anything directly on the internet.  You CAN.  You don't NEED a router... but I think most people would consider you foolish if you did.

Any cheap router that can do port forwarding is all you need.

You could even use another computer running something like Untangle (which is actually what I use for my firewall/router) - have run it in a VM just fine.
0
papakotaAuthor Commented:
Thank you for your reply!

Okay, but do  I gotta have a "normal" Wi-Fi router (ie, with WAN RJ-45 interface in its back) or... what I have might still do the trick?
0
Lee W, MVPTechnology and Business Process AdvisorCommented:
Untangle is not a wi-fi router.  

You want something that can act as a firewall.  As I said, you don't TECHNICALLY need anything... Look at your device (wifi router/router/etc) - can it forward port 80? If so, you can use it.
0
How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

papakotaAuthor Commented:
It's HUAWEI hg-530, actually...
I think it does port forwarding, but it's not really a router, it's a DSL modem!
You keep saying that I need a hardware firewall (NAT) to run a web server. Not a must, but highly advisable. So let me ask you -- what's missing in a software firewall in Linux so I need to get a hardware firewall?
0
JustInCaseCommented:
Huawei HG-530 is router (modems don't have port forward) and  you need to enable port forward so traffic from port 80 can be forwarded to your web server.
Log into router ->
advanced -> firewall -> should be enabled
basic -> NAT ->
You need to configure that port 80 is forwarded to your web server  protocol is tcp (you need to add ip address of your local host that is web server). So that host should have static IP.
The biggest issue is that WAN ip address should be static, or you need to use some ddns service like NO-IP.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
profgeekCommented:
As Predrag said, you do have a router.  When you said you had 3 devices rolled into one, you misspoke.  There are actually 4:  Modem, router, switch, and WAP.  You've chosen not to use the modem portion by not connecting to the WAN, so you still have the other 3 functions, which you can use.  The router function will handle port-forwarding, which, in your case, only requires that you port-forward TCP port 80 to your server.  The other functions will remain as you currently have them.
0
papakotaAuthor Commented:
Thank you BOTH for your replies!

When I was saying that HUAWEI hg-530 is not quite a router, I meant that it's not capable of EVERYTHING that a regular router is capable of. For example, it can't dial the ISP all by itself, I think. So I have to use Windows dialer (so called "High Speed Connection) or ppoeconf in Ubuntu. But that's not important. Let's call it a router. Let me double-check my steps:
1) I would be obtaining a static external IP from my ISP;
2) I would have to shut down DHCP server in my router;
3) I would assign a static local IP for my future web server PC (like 192.168.1.1);
4) I would to make sure that my router has a static local IP (say, 192.168.0.1 -- I think it's its default one);
5) Probably would be a good idea to change default factory login credentials for getting into router's web config interface;
6) I would have to turn on router's firewall (and to make sure that all the relevant ports are OPEN, like 80, 443, 25, 22, 110 etc.);
7) I would have to go to NAT section to set-up port forwarding that all traffic that goes to my external WAN IP would be re-directed to my local router's IP (, say, 192.168.1.1 in my example above) via port 80 that's open in a previous part 6.
Have I missed anything as far as router is concerned?
After 7 steps that I've described above -- I would have to set-up and configure LAMP and a firewall in Ubuntu (probably I'd use Gufw). Right?
0
JustInCaseCommented:
When I was saying that HUAWEI hg-530 is not quite a router, I meant that it's not capable of EVERYTHING that a regular router is capable of. For example, it can't dial the ISP all by itself, I think. So I have to use Windows dialer (so called "High Speed Connection) or ppoe conf in Ubuntu
That router is capable of calling provider by itself but you need to setup PPOE on router (this is recommended).
1) I would be obtaining a static external IP from my ISP;
Or have similar functionality with no-ip service (there you  can get also ip address (but they that are owners of that name not you, be careful !!!). But to check how things work and for personal use it is great. Beside this you also need your domain name that need to be associated to ip address.
Like when you ping google.com you get their IP address.
2) I would have to shut down DHCP server in my router
No need for that, router can still give IP address to other hosts in your network - it is just your web server need to have static ip address That ip address should be outside dynamic IP address range.
3) I would assign a static local IP for my future web server PC (like 192.168.1.1);
Yes. but in IP range of your router.
4) I would to make sure that my router has a static local IP (say, 192.168.0.1 -- I think it's its default one);
Router can stay 192.168.1.1 and your web server can be 192.168.1.254 ... then you create port forward so any traffic that comes to specific ports is forwarded to your web server.
5) Probably would be a good idea to change default factory login credentials for getting into router's web config interface;
It is always good idea to do so.
6. and 7. ---> under 4.
0
papakotaAuthor Commented:
Thank  you for your reply!

a.) I didn't understand what you meant under 2. I only have 2 devices here -- my PC and my router. So if I set a static local IP for the PC that will be running web server software on it (ie., that's what we call here "a web server", isn't it?), then what would be a purpose of router's DHCP server capabilities? Let's say my router has a local IP 192.168.0.1 and my PC (a web server) will be assigned an IP 192.168.1.1
b.) I set up the dialing inside the router's web interface -- it doesn't dial, I still have to initiate it myself inside the OS.
I was told that it's because it's a DSL modem after all and I can't expect too much from it...
c.) So I have to port-forward ALL the relevant ports (80,443, 110 etc.) and not just port 80?
0
JustInCaseCommented:
Let's say my router has a local IP 192.168.0.1 and my PC (a web server) will be assigned an IP 192.168.1.1
You don't need DHCP  if you have just those 2 devices and web server ip address is statically assigned, but still Router and host need to be in the same ip range.
b.) I set up the dialing inside the router's web interface -- it doesn't dial, I still have to initiate it myself inside the OS
Most of those that I have configured came preconfigured from ISP's and auto dial ISP.
c.) So I have to port-forward ALL the relevant ports (80,443, 110 etc.) and not just port 80?
You can set all ports that you want (that are relevant to your use of that host), and also you can forward all ports to host by putting host to DMZ, but this is less secure option.
0
papakotaAuthor Commented:
Thanks again!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Networking Hardware-Other

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.