webserver@Tomato - inaccessible from Internet

Discussion in 'Tomato Firmware' started by gobol, Apr 22, 2010.

  1. gobol

    gobol Networkin' Nut Member

    Sorry for newbie question,
    I've searched linksysinfo, google and found nothing. I think that the problem is so basic I cannot find such a simple answer...

    1. I've set up lighttpd server on my router. (bind @ port 80, listen on ALL)

    2. lighttpd works properly - page seen via lynx locally, page browsable from any PC in LAN

    3. Now: server is inaccessible from Internet (checked via online port scan)
    Browsing to http://<my-wan-ip>/ is also pointless.

    4. I've forwarded port 80 with tomato webgui :
    Port Forwarding :
    On	Proto	Src Address	Ext Ports	Int Port	Int Address	Description
    On	TCP	                80		      	lighttpd
    5. Now: server is still inaccessible from Internet (port 80 isn't responding)
    but after going with my browser to http://<my-wan-ip>/ from the PC in LAN everything is fine.

    So the question is :
    Where did I go wrong ? Why lighttpd is inaccessible from WAN when I've forwarded its port ?
    Or simply - how to set up webserver to be accessible from WAN ?
    (I've read lighttpd manuals and tutorials, I've spend a week on this ... )

    Big thanks for answers!
  2. kamatschka

    kamatschka Network Guru Member

    I have the same Issue with lighttpd . I configured the Tomto GUI to listen on port 81. So 80 is free. Ive configured the lighttpd config to listen on Port 80. In Local Network it is working flawelessly but it isnt accessible from WAN.
  3. eRd12

    eRd12 LI Guru Member

    Maybe you should try this instead of forwarding in tomato gui...
    iptables -A INPUT -p tcp --dport 80 -j ACCEPT
    Paste it in firewall script and by telnet or ssh console:
    service firewall restart
  4. gobol

    gobol Networkin' Nut Member

    eRd12, it doesn't work...

    but it is firewall problem for sure, because :

    iptables -P INPUT ACCEPT
    iptables -P OUTPUT ACCEPT

    makes it visible from Internet... :p
  5. rhester72

    rhester72 Network Guru Member

    Try "-I INPUT 1" instead of "-A INPUT" lest it end up _after_ the global deny =)

  6. gobol

    gobol Networkin' Nut Member

    Big thanks, rhester72 !

    iptables -I INPUT 1 -p tcp --dport 80 -j ACCEPT

    exactly works just fine!
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice