WAN-facing web server inaccessible from LAN - Teh Forum

<body> <div id="header"> <span class="left"> <span class="back"><a href="lthread_list.php?webtag=DEFAULT"><span class="image mobile_back" title="Back"></span></a></span> <span class="image mobile_logo" title="Beehive Forum Logo"></span> </span> <ul> <li> <a class="reply_all" href="lpost.php?webtag=DEFAULT&reply_to=42846.0&return_msg=42846.9"> <span class="image mobile_reply_all"></span><span class="text">Reply to All</span> </a> </li> <li> <a class="navigation" href="#"> <span class="image mobile_navigation"></span><span class="text">Show messages</span> </a> </li> <li> <a class="main" href="#"><span class="image mobile_menu" title="Menu"></span> </a> </li> </ul> </div> <div class="menu main"> <ul> <li><a href="lthread_list.php?webtag=DEFAULT">Messages</a></li> <li><a href="lpm.php?webtag=DEFAULT">Inbox</a></li> <li><a href="lsearch.php?webtag=DEFAULT">Search</a></li> <li><a href="llogon.php?webtag=DEFAULT">Login</a></li> </ul> </div> <div class="menu navigation"><a href="lmessages.php?webtag=DEFAULT&msg=42846.1">1–10</a><a href="lmessages.php?webtag=DEFAULT&msg=42846.11">11–20</a><a href="lmessages.php?webtag=DEFAULT&msg=42846.21">21–24</a></div> <div id="page_content"> <h3 class="thread_title"><a href="index.php?webtag=DEFAULT&amp;msg=42846.9">WAN-facing web server inaccessible from LAN</a> </h3> <div id="messages" data-navigation="42846_9_24_10"> <a name="a42846_9"></a><div class="message" id="message_42846_9"> <div class="message_header"> <div class="message_from"> From: CHYRON (DSMITHHFX)<span class="message_time"> 2 Feb 2022 13:51</span> <div class="clearer"></div> </div><div class="message_to">To: william (WILLIAMA) <span><span class="image post_read" title="Read: 2 Feb 2022 14:37"></span></span> <span class="message_count">9 of 24</span><div class="clearer"></div> </div> </div> <div class="message_links"> <a href="lmessages.php?webtag=DEFAULT&msg=42846.9">42846.9</a> In reply to <a href="lmessages.php?webtag=DEFAULT&msg=42846.8">42846.8</a></div> <div class="message_body"> Yeah it's kind of weird. I suspect that Bell's 'small business' offering is identical to their residential service, but more expensive? Anyhoo I'm wondering if (based on the ssh thing) maybe they've reserved ports 80 and 443 for LAN access to the modem webmin*, and forgot to tell anybody (like they did with ssh). Documentation isn't their strong suit as it's all geared to non-techincal people doing non-technical things, no depth to it whatever. There are a few independent forums (e.g. reddit, dslreports) with a lot of stuff about these kinds of issues, slogging through them now.<br /> <br /> *Edit: just remembered I can hit another web server (this one on an ancient powermac) on our LAN by IP.<br /> <span class="emoticon e_pyfitg" title="(pyfitg)"><span class="e__">(pyfitg)</span></span><div class="edit_text">EDITED: 2 Feb 2022 14:12 by DSMITHHFX</div> </div> <div class="message_footer"> <div class="message_footer_links"><a href="lpost.php?webtag=DEFAULT&reply_to=42846.9&return_msg=42846.9" class="reply"><span class="image post"></span>Reply</a></div> <div class="message_vote_form" data-msg="42846.9"> <span class="rating">0/0</span> <span class="image vote vote_down vote_down_off" title="Vote Down"></span> <span class="image vote vote_up vote_up_off" title="Vote Up"></span> </div> </div> </div><a name="a42846_10"></a><div class="message" id="message_42846_10"> <div class="message_header"> <div class="message_from"> From: CHYRON (DSMITHHFX)<span class="message_time"> 2 Feb 2022 14:07</span> <div class="clearer"></div> </div><div class="message_to">To: william (WILLIAMA) <span><span class="image post_read" title="Read: 2 Feb 2022 14:37"></span></span> <span class="message_count">10 of 24</span><div class="clearer"></div> </div> </div> <div class="message_links"> <a href="lmessages.php?webtag=DEFAULT&msg=42846.10">42846.10</a> In reply to <a href="lmessages.php?webtag=DEFAULT&msg=42846.8">42846.8</a></div> <div class="message_body"> Not used traceroute, I suppose it's one more thing I'll have to learn <span class="emoticon e_angry" title=":-@"><span class="e__">:-@</span></span><br /> <br /> There's the raw output. I tried default (30-hops) and -m 60 but it dies at 15 in both cases. (this also has the -I flag):<br /> <div class="quotetext"><strong>Code:</strong> </div> <pre class="code"> [08:57 dave dave-fc32~]traceroute -I -m 60 xxxxxxxx.com traceroute to xxxxxxx.com (xxx.xxx.xxx.xxx), 60 hops max, 60 byte packets 1 _gateway (192.168.1.1) 0.695 ms 0.705 ms 0.852 ms 2 dsl-173-206-32-1.tor.primus.ca (173.206.32.1) 13.157 ms 15.164 ms 17.275 ms 3 10.201.117.14 (10.201.117.14) 19.925 ms 20.349 ms 22.580 ms 4 10.201.117.73 (10.201.117.73) 24.113 ms 26.371 ms 27.482 ms 5 10.201.121.49 (10.201.121.49) 29.515 ms 33.615 ms 34.703 ms 6 64.125.60.212 (64.125.60.212) 36.427 ms 36.433 ms 38.614 ms 7 * * ae4.mpr1.yyz1.ca.zip.zayo.com (64.125.23.123) 14.315 ms 8 * * * 9 * * * 10 bx10-newyork83_ae10.net.bell.ca (184.150.181.80) 35.782 ms 37.475 ms 38.262 ms 11 tcore4-newyorkaa_bundle-ether8.net.bell.ca (64.230.79.210) 59.575 ms 59.834 ms 59.827 ms 12 tcore3-montreal02_hundredgige1-12-0-0.net.bell.ca (64.230.79.149) 60.862 ms 52.664 ms 52.725 ms 13 tcore3-toronto21_1-6-0-0.net.bell.ca (64.230.79.30) 58.291 ms 45.906 ms 44.223 ms 14 tcore4-toronto01_0-1-0-0.net.bell.ca (64.230.50.234) 45.356 ms 39.585 ms 48.195 ms 15 lns1-toronto01_xe-7\0472\0470_ae1.net.bell.ca (64.230.102.35) 40.066 ms 40.258 ms 35.764 ms</pre> <div class="edit_text">EDITED: 3 Feb 2022 14:20 by DSMITHHFX</div> </div> <div class="message_footer"> <div class="message_footer_links"><a href="lpost.php?webtag=DEFAULT&reply_to=42846.10&return_msg=42846.9" class="reply"><span class="image post"></span>Reply</a></div> <div class="message_vote_form" data-msg="42846.10"> <span class="rating">0/0</span> <span class="image vote vote_down vote_down_off" title="Vote Down"></span> <span class="image vote vote_up vote_up_off" title="Vote Up"></span> </div> </div> </div><a name="a42846_11"></a><div class="message" id="message_42846_11"> <div class="message_header"> <div class="message_from"> From: CHYRON (DSMITHHFX)<span class="message_time"> 2 Feb 2022 14:38</span> <div class="clearer"></div> </div><div class="message_to">To: ALL<span class="message_count">11 of 24</span><div class="clearer"></div> </div> </div> <div class="message_links"> <a href="lmessages.php?webtag=DEFAULT&msg=42846.11">42846.11</a></div> <div class="message_body"> Here's some kind of explanation: <div class="quotetext"><strong>Quote:</strong> </div> <div class="quote">to my best of knowledge, the HH2000 doesn't support nat loopback (this is what you need to access your local server using the wan IP address. there's no way around this. you could have your home dhcp and dns server on your network... and override your domain IP address on your local network to point it to the local lan IP address.</div> More detail:<br /> <br /> <a href="https://serverfault.com/questions/55611/loopback-to-forwarded-public-ip-address-from-local-network-hairpin-nat">https://serverfault.com/questions/55611/loopback-to-forwarded-public-ip-address-from-local-network-hairpin-nat</a></div> <div class="message_footer"> <div class="message_footer_links"><a href="lpost.php?webtag=DEFAULT&reply_to=42846.11&return_msg=42846.9" class="reply"><span class="image post"></span>Reply</a></div> <div class="message_vote_form" data-msg="42846.11"> <span class="rating">0/0</span> <span class="image vote vote_down vote_down_off" title="Vote Down"></span> <span class="image vote vote_up vote_up_off" title="Vote Up"></span> </div> </div> </div><a name="a42846_12"></a><div class="message" id="message_42846_12"> <div class="message_header"> <div class="message_from"> From: william (WILLIAMA)<span class="message_time"> 2 Feb 2022 15:45</span> <div class="clearer"></div> </div><div class="message_to">To: CHYRON (DSMITHHFX) <span><span class="image post_read" title="Read: 2 Feb 2022 15:54"></span></span> <span class="message_count">12 of 24</span><div class="clearer"></div> </div> </div> <div class="message_links"> <a href="lmessages.php?webtag=DEFAULT&msg=42846.12">42846.12</a> In reply to <a href="lmessages.php?webtag=DEFAULT&msg=42846.9#a42846_10" target="_self">42846.10</a></div> <div class="message_body"> Doesn't look like the trace will help. You're getting Bell servers that won't respond to trace requests so it just times out. I can see your site and my tracert timed out too. Shame really because it's useful sometimes.<br /> <br /> Interesting thing though, I plead ignorance seeing as it's at least 10 years since I played with any network stuff in anything remotely like a professional way. I had a quick squint at my owncloud server which is open to the internet. Turns out that the traceroute for that is totally different from my LAN to when I look at it from outside. From the LAN it goes to the router and from there straight back to the server, ie just two hops. Presumably the router is smart enough not to send a local request outside. But my router is a single (external) IP device for domestic use. Is the router you've been provided with handling a batch of external IP addresses? If so, does it make a difference whether you are on the same LAN as the web/file server, or whatever?</div> <div class="message_footer"> <div class="message_footer_links"><a href="lpost.php?webtag=DEFAULT&reply_to=42846.12&return_msg=42846.9" class="reply"><span class="image post"></span>Reply</a></div> <div class="message_vote_form" data-msg="42846.12"> <span class="rating">0/0</span> <span class="image vote vote_down vote_down_off" title="Vote Down"></span> <span class="image vote vote_up vote_up_off" title="Vote Up"></span> </div> </div> </div><a name="a42846_13"></a><div class="message" id="message_42846_13"> <div class="message_header"> <div class="message_from"> From: william (WILLIAMA)<span class="message_time"> 2 Feb 2022 15:55</span> <div class="clearer"></div> </div><div class="message_to">To: william (WILLIAMA) <span><span class="image post_read" title="Read: 2 Feb 2022 15:55"></span></span> <span class="message_count">13 of 24</span><div class="clearer"></div> </div> </div> <div class="message_links"> <a href="lmessages.php?webtag=DEFAULT&msg=42846.13">42846.13</a> In reply to <a href="lmessages.php?webtag=DEFAULT&msg=42846.9#a42846_12" target="_self">42846.12</a></div> <div class="message_body"> Aah, didn't see that last message until after mine.</div> <div class="message_footer"> <div class="message_footer_links"><a href="lpost.php?webtag=DEFAULT&reply_to=42846.13&return_msg=42846.9" class="reply"><span class="image post"></span>Reply</a></div> <div class="message_vote_form" data-msg="42846.13"> <span class="rating">0/0</span> <span class="image vote vote_down vote_down_off" title="Vote Down"></span> <span class="image vote vote_up vote_up_off" title="Vote Up"></span> </div> </div> </div><a name="a42846_14"></a><div class="message" id="message_42846_14"> <div class="message_header"> <div class="message_from"> From: CHYRON (DSMITHHFX)<span class="message_time"> 2 Feb 2022 16:04</span> <div class="clearer"></div> </div><div class="message_to">To: william (WILLIAMA) <span><span class="image post_read" title="Read: 2 Feb 2022 16:04"></span></span> <span class="message_count">14 of 24</span><div class="clearer"></div> </div> </div> <div class="message_links"> <a href="lmessages.php?webtag=DEFAULT&msg=42846.14">42846.14</a> In reply to <a href="lmessages.php?webtag=DEFAULT&msg=42846.9#a42846_12" target="_self">42846.12</a></div> <div class="message_body"> I've worked out a couple of things to try. Complicating this is an .htaccess redirect from 80-443 (http-https).<br /> <br /> I've set up a noip.com dynamic dns domain pointing at the WAN iP (I suspect this will wind up in the same bad place though)<br /> <br /> or<br /> <br /> I can NFS export the server's /var/www/html and point a virtualhost on another server and so see the WAN-facing *content* which is the main thing (always nice to confirm if it can be hit from the actual domain though)<br /> <br /> A third option to consider is monkeying with another .htaccess rule to override the redirect for LAN requests but I dunno<br /> <br /> A fourth option is to rejig the managed switch for DHCP, port forward the modem to that, and port forward the server from it.<br /> <br /> Not liking any but worth a try, maybe.<br /> <br /> Someone helpfully pointed out that these modems are 'internet for idiots,' which serve the market very well so why would they change that? (our old ISPs modem has no such issues, but it's more business oriented; Bell is late to the party)<div class="edit_text">EDITED: 2 Feb 2022 16:05 by DSMITHHFX</div> </div> <div class="message_footer"> <div class="message_footer_links"><a href="lpost.php?webtag=DEFAULT&reply_to=42846.14&return_msg=42846.9" class="reply"><span class="image post"></span>Reply</a></div> <div class="message_vote_form" data-msg="42846.14"> <span class="rating">0/0</span> <span class="image vote vote_down vote_down_off" title="Vote Down"></span> <span class="image vote vote_up vote_up_off" title="Vote Up"></span> </div> </div> </div><a name="a42846_15"></a><div class="message" id="message_42846_15"> <div class="message_header"> <div class="message_from"> From: william (WILLIAMA)<span class="message_time"> 2 Feb 2022 16:04</span> <div class="clearer"></div> </div><div class="message_to">To: CHYRON (DSMITHHFX) <span><span class="image post_read" title="Read: 2 Feb 2022 16:05"></span></span> <span class="message_count">15 of 24</span><div class="clearer"></div> </div> </div> <div class="message_links"> <a href="lmessages.php?webtag=DEFAULT&msg=42846.15">42846.15</a> In reply to <a href="lmessages.php?webtag=DEFAULT&msg=42846.9#a42846_11" target="_self">42846.11</a></div> <div class="message_body"> That's sad. Is it going to be a problem for the business? </div> <div class="message_footer"> <div class="message_footer_links"><a href="lpost.php?webtag=DEFAULT&reply_to=42846.15&return_msg=42846.9" class="reply"><span class="image post"></span>Reply</a></div> <div class="message_vote_form" data-msg="42846.15"> <span class="rating">0/0</span> <span class="image vote vote_down vote_down_off" title="Vote Down"></span> <span class="image vote vote_up vote_up_off" title="Vote Up"></span> </div> </div> </div><a name="a42846_16"></a><div class="message" id="message_42846_16"> <div class="message_header"> <div class="message_from"> From: CHYRON (DSMITHHFX)<span class="message_time"> 2 Feb 2022 16:08</span> <div class="clearer"></div> </div><div class="message_to">To: william (WILLIAMA) <span><span class="image post_read" title="Read: 2 Feb 2022 16:08"></span></span> <span class="message_count">16 of 24</span><div class="clearer"></div> </div> </div> <div class="message_links"> <a href="lmessages.php?webtag=DEFAULT&msg=42846.16">42846.16</a> In reply to <a href="lmessages.php?webtag=DEFAULT&msg=42846.9#a42846_15" target="_self">42846.15</a></div> <div class="message_body"> Not really. The main thing is hitting the server from outside for all the WFH folks, it does that np. Also I mostly WFH ...<br /> <br /> Verifying sftp access is my next priority.</div> <div class="message_footer"> <div class="message_footer_links"><a href="lpost.php?webtag=DEFAULT&reply_to=42846.16&return_msg=42846.9" class="reply"><span class="image post"></span>Reply</a></div> <div class="message_vote_form" data-msg="42846.16"> <span class="rating">0/0</span> <span class="image vote vote_down vote_down_off" title="Vote Down"></span> <span class="image vote vote_up vote_up_off" title="Vote Up"></span> </div> </div> </div><a name="a42846_17"></a><div class="message" id="message_42846_17"> <div class="message_header"> <div class="message_from"> From: william (WILLIAMA)<span class="message_time"> 2 Feb 2022 16:21</span> <div class="clearer"></div> </div><div class="message_to">To: CHYRON (DSMITHHFX) <span><span class="image post_read" title="Read: 2 Feb 2022 16:32"></span></span> <span class="message_count">17 of 24</span><div class="clearer"></div> </div> </div> <div class="message_links"> <a href="lmessages.php?webtag=DEFAULT&msg=42846.17">42846.17</a> In reply to <a href="lmessages.php?webtag=DEFAULT&msg=42846.9#a42846_16" target="_self">42846.16</a></div> <div class="message_body"> Not 100% sure why the redirect to HTTPS is a problem (I have that on my server) but as I've contributed nothing useful so far, I shall leave you to continue enjoying yourself with network fun.<br /> </div> <div class="message_footer"> <div class="message_footer_links"><a href="lpost.php?webtag=DEFAULT&reply_to=42846.17&return_msg=42846.9" class="reply"><span class="image post"></span>Reply</a></div> <div class="message_vote_form" data-msg="42846.17"> <span class="rating">0/0</span> <span class="image vote vote_down vote_down_off" title="Vote Down"></span> <span class="image vote vote_up vote_up_off" title="Vote Up"></span> </div> </div> </div><a name="a42846_18"></a><div class="message" id="message_42846_18"> <div class="message_header"> <div class="message_from"> From: CHYRON (DSMITHHFX)<span class="message_time"> 2 Feb 2022 16:32</span> <div class="clearer"></div> </div><div class="message_to">To: CHYRON (DSMITHHFX) <span><span class="image post_read" title="Read: 2 Feb 2022 16:32"></span></span> <span class="message_count">18 of 24</span><div class="clearer"></div> </div> </div> <div class="message_links"> <a href="lmessages.php?webtag=DEFAULT&msg=42846.18">42846.18</a> In reply to <a href="lmessages.php?webtag=DEFAULT&msg=42846.9#a42846_16" target="_self">42846.16</a></div> <div class="message_body"> sftp over port 30 works.</div> <div class="message_footer"> <div class="message_footer_links"><a href="lpost.php?webtag=DEFAULT&reply_to=42846.18&return_msg=42846.9" class="reply"><span class="image post"></span>Reply</a></div> <div class="message_vote_form" data-msg="42846.18"> <span class="rating">0/0</span> <span class="image vote vote_down vote_down_off" title="Vote Down"></span> <span class="image vote vote_up vote_up_off" title="Vote Up"></span> </div> </div> </div></div> <div class="message_page_footer"> <ul> <li class="right_col"><form accept-charset="utf-8" method="get" action="lmessages.php" target="_self"><input type="hidden" name="webtag" id="webtag" class="bhinputtext" value="DEFAULT" dir="ltr" /><input type="hidden" name="msg" id="msg" class="bhinputtext" value="42846.19" dir="ltr" /><input type="submit" name="submit" id="keep_reading" value="Keep reading…" class="button" /></form></li> </ul> </div> </div> </body>