Port forwarding issue

Discussion in 'Technical' started by entertheraptor, Jan 23, 2011.

  1. entertheraptor

    entertheraptor New Member

    I must seriously be the only person in the world with this problem, which is obviously pretty hard to believe but I have searched and searched and asked and asked and still can't find anyone with a complete answer.

    The issue is that my Netcomm NB7 DSL modem will not forward port 80 from the WAN side to port 80 on the LAN side because it uses port 80 to access the modems config pages. So I have had to forward inbound HTTP requests to port 81 and configure my server to listen on port 81 rather than port 80.

    I only have one internet connection and therefore have to access my server from a machine on the same network and behind the same modem as the server. Initially when I tried to access the server from a local machine by the domain name of a site hosted on the server, rather than display the site my browser would attempt to log into the modems config pages. I got around this by editing my "hosts" file to point the domain name at the network IP of the server but because the server listens on port 81 I have to append :81 to the domain name to get it to work.

    This creates issues with trying to use a CMS like Wordpress for example to build websites on the server. If I install Wordpress using a browser on my local machine and then log into the Wordpress backend and go to the general settings page the sites address shows as http://mydomain.com:81 which is viewable from a local machine on the network but will return an error if someone in the outside world tries to view the site.

    If I remove the :81 from the end of the domain name and save the settings the site is then viewable to the outside world but cannot be accessed from a machine on the same network as the server.

    There are a few other issues too but to cut a long story short and to try to get to the point, what I need is a way to get my NB7 to forward on port 80 or a modem that will.

    As I said I have searched high and low and have struggled to find people having the same issue let alone find a solution. Several people have suggested to me certain brands of modem that should be able to forward port 80 but as yet I have been unable to have any of these confirmed. Obviously I need to know for sure before I go out and spend the money on a modem that might just have the same problem.

    Does anyone know a way to get the NB7 to forward on port 80? Is there a trick or way to get around this?

    At the end of the day I need to get my server listening on port 80, help please.
     
  2. mini14

    mini14 New Member

    I don't know anything about that particular router but my Netgear WNR3500L was simple to setup and forward any ports including port 80. It's also been extremely reliable--I've had it up and running since October without having to power cycle it or anything. On the LAN side the gigabit transfer speed between the two machines on this LAN is fantastic...on the WAN side everything works as it should.

    Some ISP's block port 80 though so that may actually be your problem if you think your settings are correct on your router but it still does not work from "outside" your LAN.
     
  3. entertheraptor

    entertheraptor New Member

    Thanks for the response mini14.

    Isn't the WNR3500L a router which still requires a separate DSL modem to access the internet? It's the DSL modem that is the problem.

    My ISP doesn't block port 80, inbound HTTP requests reach my modem fine. The problem is that I have to forward those requests on port 81.
     
  4. mini14

    mini14 New Member

  5. pititis

    pititis Member

    And you cant disable the remote router access???
     
  6. entertheraptor

    entertheraptor New Member

    Meaning?

    If you mean what I think which is can I turn off the modems config server that uses port 80, well if you can then I haven't figured out how to and if you can then how do you access the modems configuration pages?

    I wondered if it was possible to get the modem to listen on a different port but I can't find a setting for that either and Netcomm charge for technical support which I'm not prepared to pay for considering that I have already paid for the modem.
     
  7. pititis

    pititis Member

    No, this option disable only the posibility to access the router from the wan interface. You will access the router config without problems and you will get free the ports 80(and 23) in wan interface. That is you need.

    If you dont have this option you can set dmz pointing your server and install firewall software or use iptables there.

    Cheers!
     
  8. entertheraptor

    entertheraptor New Member

    Well it's my own stupid fault I guess, can't go blaming anyone else but thanks, I have now locked myself out of my modems config pages.

    In the settings I went to management > services and disabled http under LAN. I did leave it enabled under WAN. I haven't been able to access my modems config pages since.

    Any ideas anyone?
     
  9. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    As far as I know, every router or modem has some kind of hardware reset button that can be used to reset it to factory defaults in such a case.
     
  10. entertheraptor

    entertheraptor New Member

    Thanks heaps till, all better again.

    Now, I finally got something out of Netcomm without having to pay for it. They suggest that there is no way around this issue of not being able to forward port 80. 65,000+ ports to choose from and they have to put it on one of the 3 or 4 that you might want to use.

    Anyway, some have suggested putting the server in the DMZ but my understanding is that even with an active firewall this still creates serious security vulnerabilities, especially for a server being administered by a novice like me.

    I'd like some peoples thoughts on the whole topic of DMZing the server.
     
  11. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Basically, if you just have the ports open that you want to be open to the outside world (like 25, 80, etc.), then I don't see any problems with the DMZ.
    If you had the server in your LAN, you would have your router forward the same ports...
     
  12. entertheraptor

    entertheraptor New Member

    Well stone the crows! it has worked.

    Server in the DMZ and listening to port 80 and all appears to be working just fine. So simple, so easy, I wonder why it took so bloody long to find out.

    So for anyone facing the same or similar issue the answer is...

    1, make sure that you have an active firewall on your server and only open the ports that you absolutely need to.

    2, use your modems configuration to set your server as a DMZ host.

    3, configure apache to listen on port 80 (the default)

    4, keep your server and software up to date to hopefully not end up with any security vulnerabilities.

    5, play, experiment, use CMS like Wordpress (because now you can) and enjoy.

    6, Remember to thank everyone who helped.... Thanks guys :)
     
  13. pititis

    pititis Member

    Well done entertheraptor!
     
  14. entertheraptor

    entertheraptor New Member

    Yeah I know, crazy isn't it!
     

Share This Page