1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Webserver from WAN not reachable

Discussion in 'Tomato Firmware' started by tomata_user12123, Feb 6, 2015.

  1. tomata_user12123

    tomata_user12123 Connected Client Member

    i did a port forwarding for the WAN Port 12345 (for TCP and UDP) to my specific IP 192.168.1.1 on port 91 (GUI) and enabled it and saved it.

    then i opened up the specific port on firewall under administration / scripts

    iptables -t filter -A INPUT -p tcp --dport 12345 -j ACCEPT

    then i rebootet the router a few times......nothing -> i get an timeout if i want to get acces from wan site.
    i mean trying to get access to the webserver page by typing:

    xxx.xxx.x.x:12345

    just for info...

    i installed Debian Wheezy and Apache2 with MySql Support.
    On LAN Site everything works fine. even if i try to get access from LAN site by using the wan external IP Adress. everything is great. only accessing from wan site doesn´t work -> TIME OUT!!

    The Apache log says nothing. no connection from outside incoming!

    What can i do ??
     
    Last edited: Feb 8, 2015
  2. tomata_user12123

    tomata_user12123 Connected Client Member

    one more thing to say:

    if i connect from lan site by typing the external wan ip and the external port everything works.
    it doesn´t work if i want to access from outsite.

    Please any ideas ? what can i do to find the issue ?
     
  3. kthaddock

    kthaddock Network Guru Member

    Try to use: 123.123.123.123:12345 (your-wan-ip-number: port) and se if you have accesse from outside. If you test from LAN side maken sure loopback is enabled.

    Type iptables -vnL to se if your INPUT rule working.
    Try this rule:
     
  4. tomata_user12123

    tomata_user12123 Connected Client Member

    ok...many thx... i´ll try that!!!
     
  5. tomata_user12123

    tomata_user12123 Connected Client Member

    no access from outside after setting the new rule in the scripts and restart the router

    iptables -vnL says:

    0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:12345
    0 0 logaccept tcp -- * * 0.0.0.0/0 192.168.1.1 tcp dpt:91


    but doesn´t work from outside!!

    what can i do next to find the problem ?
     
  6. kthaddock

    kthaddock Network Guru Member

    Okey i missunderstod, try this:
     
  7. tomata_user12123

    tomata_user12123 Connected Client Member

    thx but still no luck!

    i tried using the NGINX server from tomato and activated "allow remote access". -> strangely enough this works from outside.
    but if i do the same with apache (debian wheezy) it only works from lan site. even with wanip:12345.
    but not if i try to connect from outside. -> strange
     
  8. kthaddock

    kthaddock Network Guru Member

    Well you did not told it was built in NGNIX sever. Then you only have to change port in NGNIX GUI.
    Server behind router on ex LAN port need portforwaring rules, and only working from "inside" until rules beeing applied. Connect to server from inside with wanipnumber relies on loopback interface and must be applied.
     
  9. tomata_user12123

    tomata_user12123 Connected Client Member

    i think you missunderstood me. i do not use NGNIX. I only tried it to see if it works with nginx.
    as you see on top of the page i did already a forwarding in the forwarding gui of tomato from wan ip:12345 to local ip 192.168.1.1 with port 91 . but all these things do not work.
     
  10. kthaddock

    kthaddock Network Guru Member

    Is your server on 192.168.1.1 or some else ?
     
  11. tomata_user12123

    tomata_user12123 Connected Client Member

    yes
     
    Last edited: Feb 8, 2015
  12. Grimson

    Grimson Networkin' Nut Member

    Once again, you can't forward ports to the router itself, only to devices on the LAN. Trying to do this will cause all sorts oddities. Remove the port forwarding and open the required port via iptables rules.
     
  13. tomata_user12123

    tomata_user12123 Connected Client Member

    @Grimson -> you are right
    Solution :i only had to disable the forwarding and open the port from wan site. then it works. so the problem was the forwarding. strange. two different ip adresses with two different ports need no forwarding ? ok it´s working -> thx for all the help to
    "kthaddock" and "Grimson".....
     
  14. tomata_user12123

    tomata_user12123 Connected Client Member

    i thought the problem was the forwarding rule. -> it wasn´t.. :-(
    i rebootet my router an after starting apache and mysql again LAN access works perfect but then again no connection from wan site.
    the only way i can connect is to start NGINX on the same port as apache.

    Please, can someone explain that ???
     

Share This Page