TechSpot

Webserver/router problem

By Werdna
Jun 3, 2007
  1. Hi,

    I was trying to set up my computer as a webserver, running Apache on WinXP. It works just fine behind my router, but from the outside it simply doesn't find the server. I happened to find some similar topics on this forum but not with the same problem.

    I have set up port forwarding and this -seems- to work. I can access the website through my external IP (as long as I'm behind the router), which doesn't work if I disable the port forwarding. I tried using different ports than 80 with the exact same result. The only firewall in between is on the router and those ports are opened. It's a Topcom BR 604.

    If anyone could give me some hints on what might be wrong here, I'd appreciate it :)
     
  2. jobeard

    jobeard TS Ambassador Posts: 9,351   +622

    I've done this many times -- it sounds like you've done it correctly, BUT ...

    To test public access to your site, you (and your users) will need to know
    the CURRENT public ip address of your router. Typically you access the
    router (locally) via your browser and get the public DNS,Gateway and IP addresses
    for your router; give the public ip to your user to access as
    http://your-public-address/

    the request goes to your-public-address, port forward port 80 to your
    private LAN address, eg 192.168.0.2
    and Apache will return the index.html file content
    (btw: http://your-public-address without the trailing '/' will always fail with this setup)

    your Apache must be configured;
    Listen 0.0.0.0:80
    Listen 0.0.0.0:20080​
    or
    Listen 127.0.0.1
    Listen 192.168.0.2​
    the first is more general, documents using multiple ports, and will use ANY
    nic address available.
     
  3. Werdna

    Werdna TS Rookie Topic Starter

    Thanks for the quick response!

    I know this, and it's static.

    This I did.

    I tried it with a few different ports already, or why should you listen to 20080? I tried and it didn't make a difference.

    Here I don't understand what you mean. If I substitute "Listen 80" with those two lines Apache complains there is no port number (as it should).
     
  4. Werdna

    Werdna TS Rookie Topic Starter

    Here are some pics of the configuration:
    [​IMG] [​IMG]

    My server is on 192.168.1.101, Apache is on port 33333. The firewall has that port opened, as seen in the picture. Apache itself is working fine and I can access the website just fine from another computer behind the router through "http://[public IP]:33333/" or "http://192.168.1.101:33333/". But it doesn't work from anywhere else, it simply doesn't find the server.

    I have to be missing something blindingly obvious and my only conclusion so far is that I'm an ***** :blush:
     
  5. jobeard

    jobeard TS Ambassador Posts: 9,351   +622

    LISTEN is a different directive than PORT.
    As shown, the two LISTEN directives cause Apache2 to be accessible by the
    LOCALHOST name (which is always 127.0.0.1; http://localhost/) or be the LAN address (assumed here to 192.168.0.2 http://192.168.0.2/)

    If port forwarding (port 80) is working, then access by your public address will
    arrive on the Listen 192.168.0.2 on the default port(80)

    Code:
    192.168.0.2 is an example and you need to map your lan address everywhere it is seen in this post!
    You should be aware that an ISP has the right (an frequently does so) to
    block well known server ports, such as 20,21,22,23,80,143

    If you force your Apache to LISTEN on 192.168.0.2:20080 AND
    access your site via http://your-public-ip:20080/, it is highly unlikely
    that the ISP will intervene in the transaction
     
  6. Werdna

    Werdna TS Rookie Topic Starter

    I'm not quite sure what you mean, but, if I write:
    LISTEN 33333
    It will accept any IP on that port, as far as I understand it. So this should not be a problem, and it shouldn't matter if I specify an IP or not? If I instead specify the private IP for my router like this:
    LISTEN 192.168.1.1:33333
    Then the server refuses to start, with no useful error message. Where am I going wrong there?

    My ISP doesn't block port 80. I tried it on other ports (like 33333) anyway but it doesn't make a difference.
     
  7. jobeard

    jobeard TS Ambassador Posts: 9,351   +622

    What version of Apache are you running?

    Apache 2.0.55 directives:

    LISTEN is used to restrict the server to respond to IP address requests
    PORT is used to change just the port used for access
    and listen ip:port is valid syntax.


    >LISTEN 192.168.1.1:33333 Then the server refuses to start, with no useful error message.

    sounds like Apache didn't find that ip to be accessible; are you sure that's the lan address?

    >My ISP doesn't block port 80. I tried it on other ports (like 33333) anyway but it doesn't make a difference.

    how can you tell?

    All I can say is, when the configuration is correct for your environment,
    it is possible to do what you are attempting. Find the log files to see
    what is happening.
     
  8. Werdna

    Werdna TS Rookie Topic Starter

    >sounds like Apache didn't find that ip to be accessible; are you sure that's the lan address?

    Yep.


    > how can you tell?

    Because the website is still not accessible from the outside.


    > Find the log files to see what is happening.

    This, among other things:
    [notice] Child 788: Starting thread to listen on port 33333.
    [notice] Parent: Received shutdown signal -- Shutting down the server.
    It's not really telling me anything useful...
     
  9. jobeard

    jobeard TS Ambassador Posts: 9,351   +622

    Sorry, there's many reasons for that symptom and so far that is
    not a supportable conclusion. If your mind is made up -- best wish -- I can't
    help you much further.
     
  10. Werdna

    Werdna TS Rookie Topic Starter

    That the site isn't accessible is not a conclusion, it's a simple fact. I didn't make any conclusions in that post.

    If you mean how I know my ISP doesn't block port 80 - because I asked them.

    "listen ip:port" is as far as I know valid syntax. But it wasn't working for me, I have no idea why.

    Never mind, I don't understand you half the time anyway and it'll be a few weeks before I can try this again. But thanks for trying though ;)
     
  11. jobeard

    jobeard TS Ambassador Posts: 9,351   +622

    recall the statement was:
    >>My ISP doesn't block port 80. I tried it on other ports (like 33333) anyway
    >>but it doesn't make a difference.
    and I asked
    >how can you tell?

    your reply:
    why inaccessible may be true, it did not relate to the question asked; but finally
    we get a usable answer.

    Sorry, but I'm not clairvoyant and can only deal with what you report and must
    assume that when you say you've done something (eg port forward the router), that
    A) that is a fact which was performed correctly and
    B) your router is 100% functional.

    Summary:
    when the public ip-address is known,
    there is a port forward from your router to the LAN address of your server,
    which is LISTENing on your server specific port,
    will allow an Internet user to access your LAN hosted server via
    http://[I]your-public-ip:your-server-specific-port[/I]/
    with the assumption that the ISP does not block your-server-specific port
    and the firewall on the server host allows TCP/input on your-server-specific port from all sources.

    N.B: the public URL *MUST* contain the trailing '/'
     
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...