run web server behine router

[quickcur]

I run Apache on my home PC which is behind a Netgear router. It gets
dynamic IP address from Comcast. I would like to visit the web server
from outside. I went to dyndns.org and registered an account
"mydomin.dyndns.org". I also did port-forwarding (port 80 for http) on
my router. But I can not "ping" or visit my web server from outside
with browser.

I do not think my isp is blocking port 80 because if I do not use the
router, I can visit the web server from outside.

What did I do wrong?

Thanks

qq

 

[Kristofer Gafvert]

Hello,

You most likely did not properly configure the router, since that is what
is failing (it works without the router). This means that it cannot be a
DNS issue, and it certainly cannot be an IIS issue (is IIS even involved
in this?).

If you are sure you have properly configured the router, do you really use
a machine outside the router? If not, perhaps your router does not support
loop-back?

 

[Larry Finger]

I run Apache on my home PC which is behind a Netgear router. It gets
dynamic IP address from Comcast. I would like to visit the web server
from outside. I went to dyndns.org and registered an account
"mydomin.dyndns.org". I also did port-forwarding (port 80 for http) on
my router. But I can not "ping" or visit my web server from outside
with browser.

I do not think my isp is blocking port 80 because if I do not use the
router, I can visit the web server from outside.

Which Netgear router? Is your firmware up to date? The router firmware or configuration seems to be
the problem.

I have a similar setup with my Linksys WRT54G router connected to Time Warner Roadrunner service. On
one of my internal machines I run a subversion server for the sources in a couple of program
projects that I host. I also have a registered a domain name with DynDNS.com. The only thing I had
to worry about is that I have 3 other computers behind the NAT router and I use DHCP for them. To
ensure a constant IP address for the SVN server, I assigned a fixed IP address outside the dynamic
range. This way the server always has the same internal address for router forwarding of the SVN
packets.

Larry

 

[Guest]

I run Apache on my home PC which is behind a Netgear router. It gets
dynamic IP address from Comcast. I would like to visit the web server
from outside. I went to dyndns.org and registered an account
"mydomin.dyndns.org". I also did port-forwarding (port 80 for http) on
my router. But I can not "ping" or visit my web server from outside
with browser.

I do not think my isp is blocking port 80 because if I do not use the
router, I can visit the web server from outside.

What did I do wrong?

Thanks

qq

Ping is a different port and probably blocked by your isp as well as
your router.

If You can reach the web page from outside with out the router you have
'nt got the forwarding right in the router. FYI your router may be
blocking the returned info from your website to the outide world.

 

[quickcur]

Thanks for your emails.

Here is my router config from http://192.168.1.1/start.htm

# Service Name, Start Port, End Port, Server IP Address
1 AIM 5190 5190 192.168.1.2
2 HTTP 80 80 192.168.1.2

I do not know what else I should do.

 

[Kevin Goodknecht [MVP]]

Thanks for your emails.

Here is my router config from http://192.168.1.1/start.htm

# Service Name, Start Port, End Port, Server IP Address
1 AIM 5190 5190 192.168.1.2
2 HTTP 80 80 192.168.1.2

I do not know what else I should do.

Get rid of the router and install Windows 2000 server as a stand-alone on an
old 500mhz box, with two NICs and configure RRAS as a router. and RAS and
configure inbound and outbound packet filters. You'll need to spend some big
bucks to get the same features in a store bought router.

 

[Larry Finger]

Get rid of the router and install Windows 2000 server as a stand-alone on an
old 500mhz box, with two NICs and configure RRAS as a router. and RAS and
configure inbound and outbound packet filters. You'll need to spend some big
bucks to get the same features in a store bought router.

I do this with a $70 Linksys WRT54G, which takes a whole lot less electricity that any old 500 MHz
box, didn't cost me a Windows 2K license, and has never given me a BSOD! In addition, it is a
wireless AP.

Larry

 

[biggerdigger]

I am looking myself for an ISP which allows me to run my own servers,
including a web server, of course, on my own computer. Out of curiosity
I checked COMCAST's terms of service. COMCAST hides the terms quite
well. Anyway, they offer the same kind of sickening service like COX
and VERIZON do. Have a closer look at section 14.

http://www.comcast.net/terms/use.jsp

Prohibited uses include, but are not limited to, using the Service,
Customer Equipment, or the Comcast Equipment to:
....
run programs, equipment, or servers from the Premises that provide
network content or any other services to anyone outside of your
Premises LAN (Local Area Network), also commonly referred to as public
services or servers. Examples of prohibited services and servers
include, but are not limited to, e-mail, Web hosting, file sharing, and
proxy services and servers;
....

To me, it does not matter whether an ISP limits my Internet access or
the Chinese government. Welcome to the not-so-free Internet in the USA!

I also found the following introduction quite interesting. Loan-sharks
have better terms!

Important Note: Comcast may revise this Acceptable Use Policy (the
"Policy") from time to time without notice by posting a new version of
this document on the Comcast Web site at http://www.comcast.net (or any
successor URL(s)). All revised copies of the Policy are effective
immediately upon posting. Accordingly, customers and users of the
Comcast High-Speed Internet Service should regularly visit our web site
and review this Policy to ensure that their activities conform to the
most recent version. In the event of a conflict between any subscriber
or customer agreement and this Policy, the terms of this Policy will
govern. Questions regarding this Policy and complaints of violations of
it by Comcast customers and users can be directed to
http://www.comcast.net/help/contact/.

 

[William P.N. Smith]

To me, it does not matter whether an ISP limits my Internet access or
the Chinese government. Welcome to the not-so-free Internet in the USA!

I get Verison Fios for business, 5 static IPs, 5M/2M, and all the
servers I want for $100/month. No-one is limiting anything, but you
gotta pay more if you want something more than consumer service.

[Note, the requirement to pay more money for a better class of service
doesn't count as a 'limitation' or an infringement on your civil
rights.]

 

[Dave]

where can i get that $100/mo service????

To me, it does not matter whether an ISP limits my Internet access or
the Chinese government. Welcome to the not-so-free Internet in the USA!

I get Verison Fios for business, 5 static IPs, 5M/2M, and all the
servers I want for $100/month. No-one is limiting anything, but you
gotta pay more if you want something more than consumer service.

[Note, the requirement to pay more money for a better class of service
doesn't count as a 'limitation' or an infringement on your civil
rights.]

 

[biggerdigger]

Let's try the common sense approach here, shall we? Most people cannot
afford additional charges of $100/month to their telco bill. The math
is quite simple. The telcos know that.

And what kind of service do we get? Is your telco going to fix your
problem on your server? I doubt it. What exactly is different if
someone runs a server? The bandwidth from the customer to the CO is
already crippled by an order of magnitude. Does anything depend on from
where the connection was initiated? What exactly is the justifications
for the COMCAST COX VERIZON Chinese Government style terms of services?
Why do the telcos have a problem to be upfront with their terms of
service? When I contacted Verizon, I was told on the phone that I can
only get the terms of service with my order. Go to the telcos web sites
and see if you find the terms of service on the same page where you
sign up. Do you smell a rat?

The telcos cripple all services because they want to sell them over and
over again. And they want to prohibit people from running servers,
because the telcos are planning to expand their service monopoly in the
future. That is why we cannot run servers on our computers. That is why
they are selling junk.

Some telcos even cripple the firmware of their customers' phones. How
sick is that?
http://digg.com/gadgets/Verizon_Cripples_RAZR_Phones_Audio_Ability

 

[William P.N. Smith]

where can i get that $100/mo service????

http://www22.verizon.com/content/businessfios

[I lied, their low-end starts at $60/month, 15M/2M dynamic IP]

 

[William P.N. Smith]

Let's try the common sense approach here, shall we? Most people cannot
afford additional charges of $100/month to their telco bill.

How do you go from "I can't afford it" to "these restrictions are like
those that the Chinese government imposes on everyone in China"?

Yes, it's all about economics, you can have any bandwidth, and run any
servers you want as long as you are willing to pay for the priviledge.

 

[Dave]

yeah, tracked it down... not available here. currently paying almost
$200/mo for 128kb isdn plus separate isp since verizon doesn't do idsn isp
service any more. they'll take your money for the line, but won't give you
anything but that now. t1 quoted over $2k/mo out here in the sticks.

where can i get that $100/mo service????

http://www22.verizon.com/content/businessfios

[I lied, their low-end starts at $60/month, 15M/2M dynamic IP]

 

[quickcur]

Come on, guys, stop. Please do not talk about China, we are in USA.

I do not care about their contract, yet. All I want right now is to
prove that I can setup a server and people can access it. It seems to
be true because if I take out the router, everything works fine. Now,
my problem is how to run my server behind router? Did anyone find any
trick that is not commonly known?

Please help with my problem.

qq

yeah, tracked it down... not available here. currently paying almost
$200/mo for 128kb isdn plus separate isp since verizon doesn't do idsn isp
service any more. they'll take your money for the line, but won't give you
anything but that now. t1 quoted over $2k/mo out here in the sticks.

where can i get that $100/mo service????

http://www22.verizon.com/content/businessfios

[I lied, their low-end starts at $60/month, 15M/2M dynamic IP]

 

[William P.N. Smith]

I do not think my isp is blocking port 80 because if I do not use the
router, I can visit the web server from outside.

Back to the OP and his original problem. If it definitely works from
outside without the router, then the router is not doing the right
thing. Make sure you have the latest firmware, and that you are
pointing at the LAN IP that you think you are. Better yet, either use
port triggering, or a static LAN IP to ensure that your 'server' can't
inadvertently move.

 

[BobT]

William P.N. Smith wrote:

Back to the OP and his original problem. If it definitely works from
outside without the router, then the router is not doing the right
thing. Make sure you have the latest firmware, and that you are
pointing at the LAN IP that you think you are. Better yet, either use
port triggering, or a static LAN IP to ensure that your 'server' can't
inadvertently move.

I'd second this - the following works for me.

1) assign your server PC a static IP number with a high last one - like
192.168.1.200
2) on the router make sure that the IP numbers available for dynamic
dishing out to the other computers in the place do not go as high as
192.168.1.200 - restrict them to maybe 192.168.1.100 and below.
3) set port forwarding on the router for port 80 to 192.168.1.200

That should do it.

BobT

 

[medman]

The way to get around the COMCAST problem and use their service to be
an ISP is to use ports out of the range of their scanners. Any port
above 100000 should do the trick.

 

[Tauno Voipio]

The way to get around the COMCAST problem and use their service to be
an ISP is to use ports out of the range of their scanners. Any port
above 100000 should do the trick.

It won't do - the port number is an 16 bit unsigned integer with
a maximum value of 65535.

I'd start attempting with a port above 49152 (0xc000).

 

[William P.N. Smith]

The way to get around the COMCAST problem and use their service to be
an ISP is to use ports out of the range of their scanners. Any port
above 100000 should do the trick.

Yeah, that'll be well out of the range of anyone's scanners. 8*)
[Hint, port numbers are 0-64K]