1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Accessing a server from behind the firewall

Discussion in 'Networking Issues' started by BataviaBill, Jun 3, 2005.

  1. BataviaBill New Member

    Hi everyone
    I have a situation that is driving me crazy. I have a linux server on a network behind a WRT54G router. (f/w 3.03.6). I also have a website hosted "outside" my local network. I would like to be able to access the linux server as a subdomain of my website. I have made the necessary entries to the DNS server and can access "subdomain.domain.com" from anywhere on the internet. When I try the same access from within my local network, the IP is resolved properly but I cannot connect. I have tried http, telnet, ssh. They all forward ok if the access starts from outside of the firewall.
    Any ideas?

    Thanks
    BataviaBill, Jun 3, 2005
    #1

  2. AnimoEsto New Member

    How is your internal DNS Setup?
    AnimoEsto, Jun 3, 2005
    #2

  3. BataviaBill New Member

    I do not have DNS setup internally but I don't think it is a DNS problem. When I try to access the subdomain, netstat shows that my WAN IP has been resolved. In fact, if I just type my WAN IP into the URL field of my browser, or try to telnet or ssh to the WAN IP address, I get the same results. Just "spins it's wheels" then times out.
    BataviaBill, Jun 3, 2005
    #3

  4. thedogcow New Member

    I believe this is part of the firewall. On my old router (billion) it was to do with ddos attachs and victim protection. Disabling those on my old router allowed me to use the external ip to access the local server, dunno about the linksys ones.
    thedogcow, Jun 6, 2005
    #4

  5. Guyfromhe New Member

    This is a function of NAT called loopback, essentially what your doing is routing out the br0 interface, re-writing the packets then sending it through to the vlan1 then loopign it back into br0 re-written again many NAT devices don't support this function.
    I believe some custom firmware supports enabling loopback, theres should be some iptables tricks you can use to get it to direct to the right server...you could also run internal DNS and take over your zone internally and route it to the internal ip...
    Guyfromhe, Jun 6, 2005
    #5

  6. BataviaBill New Member

    Thanks for the suggestions. A less than elagant solution is to add the server to the hosts file on each of my systems. Not really a big deal. I just wasn't sure why it wouldn't work.
    BataviaBill, Jun 6, 2005
    #6

  7. Guyfromhe New Member

    You could do that, like I said theres several ways to do it and I think some of the firmware let you enable loopback which would fix the problem.
    Guyfromhe, Jun 6, 2005
    #7

  8. Guyfromhe New Member

    i think sveasofts firmware or dd-wrt should support it but I don't know for sure as I don't use it...
    Guyfromhe, Jun 6, 2005
    #8

  9. jagboy LI Guru

    . loopback is in dd-wrt
    jagboy, Jun 6, 2005
    #9

  10. Guyfromhe New Member

    heh I know every time I say dd-wrt you'll respond :p
    Guyfromhe, Jun 6, 2005
    #10

  11. jagboy LI Guru

    i am crazy about dd-wrt :D
    jagboy, Jun 12, 2005
    #11

Share This Page