papakota
asked on
Do I need a full-fledged WAN router to run a home web server?
Hello
I want to set-up a home web server. It won't be an issue to get a static IP and to run a server (spoke about that with my ISP already).
The difficult part is the hardware. My budget is tight and I don't feel like investing money into buying an additional hardware, unless I absolutely have to. What I have right now is a DSL modem that has SOME (keyword SOME!) router capabilities. It's basically 3 in 1. It's a DSL modem, a Wi-FI AP and Ethernet switch. I don't need it as a modem, since I don't have DSL here (the device is from another apartment and even country -- long story and not relevant). Right now I use it as a switch and AP. I really do NOT need this nice device to get online, it's just it's more convenient to get rid of wires on the floor. Some fools think that I have a Wi-Fi Internet at home or DSL. AGAIN -- it's NEITHER. It's a RJ-45 Ethernet PPPoE connection to the ISP.
P.S. Frankly, it's not even a money issue -- I'm afraid to buy Chinese crap that produces a high-pitched noise (kinda zzzzzzzzzzzzzz!) while working and I can hear it and it drives me crazy (already returned couple of devices to the store).
I want to set-up a home web server. It won't be an issue to get a static IP and to run a server (spoke about that with my ISP already).
The difficult part is the hardware. My budget is tight and I don't feel like investing money into buying an additional hardware, unless I absolutely have to. What I have right now is a DSL modem that has SOME (keyword SOME!) router capabilities. It's basically 3 in 1. It's a DSL modem, a Wi-FI AP and Ethernet switch. I don't need it as a modem, since I don't have DSL here (the device is from another apartment and even country -- long story and not relevant). Right now I use it as a switch and AP. I really do NOT need this nice device to get online, it's just it's more convenient to get rid of wires on the floor. Some fools think that I have a Wi-Fi Internet at home or DSL. AGAIN -- it's NEITHER. It's a RJ-45 Ethernet PPPoE connection to the ISP.
P.S. Frankly, it's not even a money issue -- I'm afraid to buy Chinese crap that produces a high-pitched noise (kinda zzzzzzzzzzzzzz!) while working and I can hear it and it drives me crazy (already returned couple of devices to the store).
ASKER
Thank you for your reply!
Okay, but do I gotta have a "normal" Wi-Fi router (ie, with WAN RJ-45 interface in its back) or... what I have might still do the trick?
Okay, but do I gotta have a "normal" Wi-Fi router (ie, with WAN RJ-45 interface in its back) or... what I have might still do the trick?
Untangle is not a wi-fi router.
You want something that can act as a firewall. As I said, you don't TECHNICALLY need anything... Look at your device (wifi router/router/etc) - can it forward port 80? If so, you can use it.
You want something that can act as a firewall. As I said, you don't TECHNICALLY need anything... Look at your device (wifi router/router/etc) - can it forward port 80? If so, you can use it.
ASKER
It's HUAWEI hg-530, actually...
I think it does port forwarding, but it's not really a router, it's a DSL modem!
You keep saying that I need a hardware firewall (NAT) to run a web server. Not a must, but highly advisable. So let me ask you -- what's missing in a software firewall in Linux so I need to get a hardware firewall?
I think it does port forwarding, but it's not really a router, it's a DSL modem!
You keep saying that I need a hardware firewall (NAT) to run a web server. Not a must, but highly advisable. So let me ask you -- what's missing in a software firewall in Linux so I need to get a hardware firewall?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
As Predrag said, you do have a router. When you said you had 3 devices rolled into one, you misspoke. There are actually 4: Modem, router, switch, and WAP. You've chosen not to use the modem portion by not connecting to the WAN, so you still have the other 3 functions, which you can use. The router function will handle port-forwarding, which, in your case, only requires that you port-forward TCP port 80 to your server. The other functions will remain as you currently have them.
ASKER
Thank you BOTH for your replies!
When I was saying that HUAWEI hg-530 is not quite a router, I meant that it's not capable of EVERYTHING that a regular router is capable of. For example, it can't dial the ISP all by itself, I think. So I have to use Windows dialer (so called "High Speed Connection) or ppoeconf in Ubuntu. But that's not important. Let's call it a router. Let me double-check my steps:
1) I would be obtaining a static external IP from my ISP;
2) I would have to shut down DHCP server in my router;
3) I would assign a static local IP for my future web server PC (like 192.168.1.1);
4) I would to make sure that my router has a static local IP (say, 192.168.0.1 -- I think it's its default one);
5) Probably would be a good idea to change default factory login credentials for getting into router's web config interface;
6) I would have to turn on router's firewall (and to make sure that all the relevant ports are OPEN, like 80, 443, 25, 22, 110 etc.);
7) I would have to go to NAT section to set-up port forwarding that all traffic that goes to my external WAN IP would be re-directed to my local router's IP (, say, 192.168.1.1 in my example above) via port 80 that's open in a previous part 6.
Have I missed anything as far as router is concerned?
After 7 steps that I've described above -- I would have to set-up and configure LAMP and a firewall in Ubuntu (probably I'd use Gufw). Right?
When I was saying that HUAWEI hg-530 is not quite a router, I meant that it's not capable of EVERYTHING that a regular router is capable of. For example, it can't dial the ISP all by itself, I think. So I have to use Windows dialer (so called "High Speed Connection) or ppoeconf in Ubuntu. But that's not important. Let's call it a router. Let me double-check my steps:
1) I would be obtaining a static external IP from my ISP;
2) I would have to shut down DHCP server in my router;
3) I would assign a static local IP for my future web server PC (like 192.168.1.1);
4) I would to make sure that my router has a static local IP (say, 192.168.0.1 -- I think it's its default one);
5) Probably would be a good idea to change default factory login credentials for getting into router's web config interface;
6) I would have to turn on router's firewall (and to make sure that all the relevant ports are OPEN, like 80, 443, 25, 22, 110 etc.);
7) I would have to go to NAT section to set-up port forwarding that all traffic that goes to my external WAN IP would be re-directed to my local router's IP (, say, 192.168.1.1 in my example above) via port 80 that's open in a previous part 6.
Have I missed anything as far as router is concerned?
After 7 steps that I've described above -- I would have to set-up and configure LAMP and a firewall in Ubuntu (probably I'd use Gufw). Right?
When I was saying that HUAWEI hg-530 is not quite a router, I meant that it's not capable of EVERYTHING that a regular router is capable of. For example, it can't dial the ISP all by itself, I think. So I have to use Windows dialer (so called "High Speed Connection) or ppoe conf in UbuntuThat router is capable of calling provider by itself but you need to setup PPOE on router (this is recommended).
1) I would be obtaining a static external IP from my ISP;Or have similar functionality with no-ip service (there you can get also ip address (but they that are owners of that name not you, be careful !!!). But to check how things work and for personal use it is great. Beside this you also need your domain name that need to be associated to ip address.
Like when you ping google.com you get their IP address.
2) I would have to shut down DHCP server in my routerNo need for that, router can still give IP address to other hosts in your network - it is just your web server need to have static ip address That ip address should be outside dynamic IP address range.
3) I would assign a static local IP for my future web server PC (like 192.168.1.1);Yes. but in IP range of your router.
4) I would to make sure that my router has a static local IP (say, 192.168.0.1 -- I think it's its default one);Router can stay 192.168.1.1 and your web server can be 192.168.1.254 ... then you create port forward so any traffic that comes to specific ports is forwarded to your web server.
5) Probably would be a good idea to change default factory login credentials for getting into router's web config interface;It is always good idea to do so.
6. and 7. ---> under 4.
ASKER
Thank you for your reply!
a.) I didn't understand what you meant under 2. I only have 2 devices here -- my PC and my router. So if I set a static local IP for the PC that will be running web server software on it (ie., that's what we call here "a web server", isn't it?), then what would be a purpose of router's DHCP server capabilities? Let's say my router has a local IP 192.168.0.1 and my PC (a web server) will be assigned an IP 192.168.1.1
b.) I set up the dialing inside the router's web interface -- it doesn't dial, I still have to initiate it myself inside the OS.
I was told that it's because it's a DSL modem after all and I can't expect too much from it...
c.) So I have to port-forward ALL the relevant ports (80,443, 110 etc.) and not just port 80?
a.) I didn't understand what you meant under 2. I only have 2 devices here -- my PC and my router. So if I set a static local IP for the PC that will be running web server software on it (ie., that's what we call here "a web server", isn't it?), then what would be a purpose of router's DHCP server capabilities? Let's say my router has a local IP 192.168.0.1 and my PC (a web server) will be assigned an IP 192.168.1.1
b.) I set up the dialing inside the router's web interface -- it doesn't dial, I still have to initiate it myself inside the OS.
I was told that it's because it's a DSL modem after all and I can't expect too much from it...
c.) So I have to port-forward ALL the relevant ports (80,443, 110 etc.) and not just port 80?
Let's say my router has a local IP 192.168.0.1 and my PC (a web server) will be assigned an IP 192.168.1.1You don't need DHCP if you have just those 2 devices and web server ip address is statically assigned, but still Router and host need to be in the same ip range.
b.) I set up the dialing inside the router's web interface -- it doesn't dial, I still have to initiate it myself inside the OSMost of those that I have configured came preconfigured from ISP's and auto dial ISP.
c.) So I have to port-forward ALL the relevant ports (80,443, 110 etc.) and not just port 80?You can set all ports that you want (that are relevant to your use of that host), and also you can forward all ports to host by putting host to DMZ, but this is less secure option.
ASKER
Thanks again!
Any cheap router that can do port forwarding is all you need.
You could even use another computer running something like Untangle (which is actually what I use for my firewall/router) - have run it in a VM just fine.