Eric Peter asked:
DNS Masquerading for public IPs

We have a local area network and a WiFi router that's capable of DNS masquerading, and a library website with hyperlinks pointing to internal server resources, e.g. http://ebook.myuniversity.elib/ebook_immanuel_kant_critique_of_pure_reason.pdf. The internal IP address where the resource is located is 192.168.0.200.

This local domain ebook.myuniversity.elib points to the IP 192.168.0.200.
The masquerading works just fine if users are on the internal local network. Our external IP, for example, is 10.10.10.200; this IP is bound to the local server 192.168.0.200. There is a need to provide users with access via the internet. Users can only access it via a link embedded in the external website, which points to 10.10.10.200.

The issue we have now is that the resource could not be opened, because the ISPs could not resolve the link http://ebook.myuniversity.elib/ebook_immanuel_kant_critique_of_pure_reason.pdf

My question is this: is there a small change we can make on the external website to resolve the resource automatically? I.e. it should be able to detect that the users are not on the local network and point them to http://10.10.10.200/ebook_immanuel_kant_critique_of_pure_reason.pdf

P.S. Our external website is based on PHP running on Apache.
noci:
.elib is not a valid TLD (AFAICT), so this URL will NEVER work on the internet. You will need to build a reverse proxy that will take a valid URL, transform it and forward it to your internal server, or, better, you need to set up your internal web server with an (alias) host name that has a valid URL for the outside, have that hostname associated with some IP address, and then either reverse-proxy or forward the requests.
Hi Eric,

There are two possibilities:

1.  Use $_SERVER['REMOTE_ADDR'] to get the client's IP address. Match it against the private address ranges (RFC 1918) and create the hyperlink dynamically based on the source address.

2.  Simply use the public IP address in the link and enable a feature called NAT Reflection or NAT Loopback, if available on your internal routers.

NAT reflection is a feature which allows access to internal servers via their public IP address.
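One way to implement option 1 on the asker's PHP/Apache site, as an added example that is not code from the thread: classify the requesting address against the RFC 1918 ranges and emit the internal or external base URL accordingly. The hostnames and addresses are the ones quoted in the question; the function names and the range list are this example's own choices.

```php
<?php
// Added example (not from the original thread): pick the internal or external
// base URL for a library link from the requesting client's address.
const INTERNAL_BASE = 'http://ebook.myuniversity.elib';
const EXTERNAL_BASE = 'http://10.10.10.200';

// RFC 1918 private ranges, plus loopback so a test from the server itself
// also receives the internal link.
const PRIVATE_RANGES = ['10.0.0.0/8', '172.16.0.0/12', '192.168.0.0/16', '127.0.0.0/8'];

// True when an IPv4 literal falls inside the given CIDR block.
function ip_in_cidr(string $ip, string $cidr): bool
{
    [$subnet, $bits] = explode('/', $cidr, 2);
    $ipLong = ip2long($ip);
    $subnetLong = ip2long($subnet);
    if ($ipLong === false || $subnetLong === false) {
        return false; // not an IPv4 literal (e.g. an IPv6 client)
    }
    $mask = -1 << (32 - (int) $bits);
    return ($ipLong & $mask) === ($subnetLong & $mask);
}

function is_private_ipv4(string $ip): bool
{
    foreach (PRIVATE_RANGES as $range) {
        if (ip_in_cidr($ip, $range)) {
            return true;
        }
    }
    return false;
}

// Build the link for one e-book path. Only REMOTE_ADDR is consulted: the
// X-Forwarded-For header is set by the client and must not be trusted for
// this decision unless Apache sits behind a proxy you operate.
function ebook_url(string $clientIp, string $path): string
{
    $base = is_private_ipv4($clientIp) ? INTERNAL_BASE : EXTERNAL_BASE;
    return $base . '/' . rawurlencode(ltrim($path, '/'));
}

$clientIp = $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';
$href = ebook_url($clientIp, 'ebook_immanuel_kant_critique_of_pure_reason.pdf');
echo '<a href="' . htmlspecialchars($href, ENT_QUOTES, 'UTF-8') . '">Critique of Pure Reason</a>';
```

Note that 10.10.10.200, which the question uses as a stand-in for the public address, is itself inside 10.0.0.0/8, so the check only makes sense with a genuinely public external address. The check decides which link a visitor sees; it does not restrict who can reach the server, so access control on 192.168.0.200 still has to be handled separately.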
Building on what noci has mentioned...

I guess let's ask: what is the TLD of the domain? Assuming the TLD to be a valid one, do you actually own the domain that is being used?
Neither 10.10.10.200 nor 192.168.0.200 is pingable.

My suggestion is to run a Linux or OSX machine with tshark or something similar and debug your networking layer by layer until you find what's broken.

Hint: if ICMP is closed, open it and get your correct/public IP pinging first.

Also as @noci mentioned, .elib isn't a valid TLD, so no one outside your local network will find an invalid TLD URL very useful.