router problem - webserving

[Spike]

I am having trouble serving to the web via port 80 through my router. For convenience and accuracy, I've used screenshots to show my settings, obviously with ISP IP addresses and mac addresses blacked out.

Truth be known, I know next to nothing about routers.

What I would like to know, is the reason that typing my IP adress to port 80 (xx.xx.xx.xx:80) isn't resolving to my webserver, when typing localhost into my local browser is absolutely fine, and previous to using the router, people from across the web were able to access it. I would very much like to get this working again if I could. Anyway.... the images...

Any advice? or is there nothing apparent wrong?

 

[zephead]

you're missing some ports apparently. what os and service pack is the server running? is http the only protocol you're going to be using? try enabling port 80 for udp and tcp (for only as long as it takes you to test).

KEEP SAID PORTS OPEN FOR A VERY LIMITED TIME!!!!!!!!!!!!!! ONCE YOU TEST IT, CLOSE ALL YOU OPENED IMMEDIATELY FOR SECURITY REASONS.
for troubleshooting purposes, attempt opening ports 0-65535 for your server. reply what your findings are.

good luck.

 

[Justin]

Do not open port 80 for UDP. http will never use UDP.

Relative http ports will be 80, 443 and 8080 if you use https, all TCP.

Have someone scan your IP externally. If you would like me to help you out, PM me and I can check your public IP to see if the port is properly forwarded. It is most likely a router configuration issue.

It is also possible your webserver is listening on 10.0.0.x rather than 0.0.0.0 or 127.0.0.1. If this is the case, the webserver may only respond to requests coming from LAN addresses.

DO NOT OPEN ALL THOSE PORTS

NEVER NEVER NEVER open ports 135-139 to a Windows machine that is on the internet. DO NOT. If you want to open that many ports be absolutely sure you do NOT open 135-139. If you do, you are simply begging to have your computer infected and compromised.

 

[Spike]

The server box is running xp pro sp2, with the windows firewall OFF. (but is firewalled through Sygate personal Firewall, as is the other XP box on the LAN)

The other port (blacked out) above is a TCP port I've tried to forward for purposes of remote logon (via IIS), but that hasn't worked either. I then tried to set up netmeeting for the same, and the other pc on the lan could remotely access my server pc with the LAN address, but not with the IP address.

If you wouldn't mind too much Soul, I'll take you up on that offer and PM you my IP address.

 

[Spike]

OK. My router went slightly screwy, and so it's Ever so slightly different now after setting this up again. (the manually added route table entries were no longer required)

My firewall is now set to allow all traffic for the time being and I'm using IIS as my webserver. The connection details in my firewall for inetinfo.exe are reported as...

{Protocol=TCP} - {LISTEN} - {Local port=2068} - {remote=port 0} - {Ipaddress 0.0.0.0 -> 0.0.0.0}
{Protocol=TCP} - {LISTEN} - {Local port=3456} - {remote=port 0} - {Ipaddress 0.0.0.0 -> 0.0.0.0}
{Protocol=TCP} - {LISTEN} - {Local port=443} - {remote=port 0} - {Ipaddress 0.0.0.0 -> 0.0.0.0}
{Protocol=TCP} - {LISTEN} - {Local port=2303} - {remote=port 0} - {Ipaddress 0.0.0.0 -> 0.0.0.0}

I can access the webserver no problem at all by typing "localhost" into my browser (but not by using 127.0.0.1). I can access the remote desktop web connection by typing "localhost:2023/tsweb/" into my browser.

However, the other machine on the network (which can happily access my shares) cannot access any of these through the LAN IP address (10.0.0.12), and neither can the machine running the server (this one). Niether machine can access the webserver through the ISP assigned IP address on any port.

The windows firewall is turned off.

I would certainly appreciate it if you could rescan my machine Soul (new router config! ), if you would be so kind and are able, and I would certainly appreciate any further suggestions or advice from anybody here.

 

[Spike]

2 resets to factory settings later, plus a webserver recofiguration, and now my Apache server is the one running on port 80 on my local machine.

I can access it using localhost, 127.0.0.1, and my lan IP.

Virtual servers are set as in my original post, but I still cannot access my server through my external IP address. The other machie on the network can also access the webserver through the lan IP.

I REALLY need advice/help here.

 

[RealBlackStuff]

Which exact router do you have and what version Apache?

 

[Spike]

It's a Mercury ART16CX based router (much like the Speedcom). The APache is the latest version.

I've just realised within the last half an hour or so though...

...I'm entering the External IP from the LAN side. I would assume that the router routes requests from the WAN side to the LAN side, and vice versa.

Does this mean that entering the WAN side IP from the LAN side of the router would result in the router blocking the traffic? If so, I've probably just been majorly stupid (it happens from time to time! lol), and it's probably been working all along!!!

RBS, if you wouldn't mind, Could I PM you with links (obviously I don't want to publicise my static IP) to my webservers (running IIS simultaneously with Apache) for you to visit and tell me if they acctually bring up a page?

 

[Nodsu]

Many routers are unable to deal with loopback traffic and will not allow you to connect to your own external IP address. You will have to use some other computer on some other connection. Your ISP's proxy server would be a good thing to use.

 

[RealBlackStuff]

Go ahead, send me a PM, I'll try to connect and let you know.

 

[Spike]

Thanks Nodsu, but I'm afraid my ISP didn't seem to have a proxy I could use.

However, I was right (and thankyou very much Nodsu for putting a name to it). I've been a complete ***** all along, not considering for a moment that my router can't handle loopback traffic.

Thankyou too all who've helped me