
Accessing a server from behind the firewall

Discussion in 'Networking Issues' started by BataviaBill, Jun 3, 2005.

  1. BataviaBill

    BataviaBill Network Guru Member

    Hi everyone
    I have a situation that is driving me crazy. I have a Linux server on a network behind a WRT54G router (f/w 3.03.6). I also have a website hosted "outside" my local network. I would like to be able to access the Linux server as a subdomain of my website. I have made the necessary entries to the DNS server and can access "subdomain.domain.com" from anywhere on the internet. When I try the same access from within my local network, the IP is resolved properly but I cannot connect. I have tried http, telnet, ssh. They all forward OK if the access starts from outside of the firewall.
    Any ideas?

    Thanks
     
  2. AnimoEsto

    AnimoEsto Network Guru Member

    How is your internal DNS set up?
     
  3. BataviaBill

    BataviaBill Network Guru Member

    I do not have DNS set up internally but I don't think it is a DNS problem. When I try to access the subdomain, netstat shows that my WAN IP has been resolved. In fact, if I just type my WAN IP into the URL field of my browser, or try to telnet or ssh to the WAN IP address, I get the same results. Just "spins its wheels" then times out.
     
  4. thedogcow

    thedogcow Network Guru Member

    I believe this is part of the firewall. On my old router (Billion) it was to do with DDoS attacks and victim protection. Disabling those on my old router allowed me to use the external IP to access the local server, dunno about the Linksys ones.
     
  5. Guyfromhe

    Guyfromhe Network Guru Member

    This is a function of NAT called loopback. Essentially what you're doing is routing out the br0 interface, rewriting the packets, then sending it through to vlan1, then looping it back into br0, rewritten again. Many NAT devices don't support this function.
    I believe some custom firmware supports enabling loopback. There should be some iptables tricks you can use to get it to direct to the right server... you could also run internal DNS and take over your zone internally and route it to the internal IP...
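
The "iptables tricks" mentioned in the post above, as an added example that is not part of the original thread or any firmware's own script. `br0` is the LAN bridge named in the post; the function name `hairpin_rules` and every address are constructed, and the rules are printed for review rather than applied.

```shell
#!/bin/sh
# Added example: prints (does not apply) NAT loopback rules for review.
# br0 is the LAN bridge named in the thread; all addresses are constructed.

is_ipv4() {
    # Dotted quad with every octet in 0-255.
    echo "$1" | awk -F. 'NF != 4 { exit 1 }
        { for (i = 1; i <= 4; i++) if ($i !~ /^[0-9]+$/ || $i > 255) exit 1 }'
}

# hairpin_rules WAN_IP LAN_CIDR ROUTER_LAN_IP SERVER_IP TCP_PORT [LAN_IF]
hairpin_rules() {
    wan_ip=$1; lan_cidr=$2; router_ip=$3; server_ip=$4; port=$5
    lan_if=${6:-br0}

    for addr in "$wan_ip" "${lan_cidr%/*}" "$router_ip" "$server_ip"; do
        is_ipv4 "$addr" || { echo "bad IPv4 address: $addr" >&2; return 1; }
    done
    case "${lan_cidr#*/}" in
        ''|*[!0-9]*) echo "bad prefix in: $lan_cidr" >&2; return 1 ;;
    esac
    case "$port" in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    [ "$port" -ge 1 ] && [ "$port" -le 65535 ] ||
        { echo "port out of range: $port" >&2; return 1; }

    # Every rule is scoped to LAN sources and one TCP port.
    match="-s $lan_cidr -p tcp --dport $port"

    # 1. LAN client aimed at the WAN address: rewrite destination to the server.
    echo "iptables -t nat -A PREROUTING -i $lan_if $match -d $wan_ip" \
         "-j DNAT --to-destination $server_ip:$port"
    # 2. Rewrite the source to the router, so the server answers via the router
    #    and the reply is un-NATed; otherwise the server replies to the client
    #    directly from its LAN address and the client drops the reply.
    echo "iptables -t nat -A POSTROUTING -o $lan_if $match -d $server_ip" \
         "-j SNAT --to-source $router_ip"
    # 3. Permit only this LAN-to-LAN flow through the FORWARD chain
    #    (assumes the chain already accepts ESTABLISHED,RELATED replies).
    echo "iptables -A FORWARD -i $lan_if -o $lan_if $match -d $server_ip" \
         "-j ACCEPT"
}

# Constructed values: WAN 203.0.113.5, LAN 192.168.1.0/24, web server on port 80.
hairpin_rules 203.0.113.5 192.168.1.0/24 192.168.1.1 192.168.1.10 80
```

With the SNAT rule in place the server's logs show the router's LAN address, not the real client, for looped-back connections.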
     
  6. BataviaBill

    BataviaBill Network Guru Member

    Thanks for the suggestions. A less than elegant solution is to add the server to the hosts file on each of my systems. Not really a big deal. I just wasn't sure why it wouldn't work.
     
  7. Guyfromhe

    Guyfromhe Network Guru Member

    You could do that. Like I said, there are several ways to do it, and I think some of the firmware lets you enable loopback, which would fix the problem.
     
  8. Guyfromhe

    Guyfromhe Network Guru Member

    I think Sveasoft's firmware or dd-wrt should support it but I don't know for sure as I don't use it...
     
  9. jagboy

    jagboy Network Guru Member

    Loopback is in dd-wrt.
     
  10. Guyfromhe

    Guyfromhe Network Guru Member

    Heh, I know every time I say dd-wrt you'll respond :p
     
  11. jagboy

    jagboy Network Guru Member

    I am crazy about dd-wrt :D
     
