help with webserver setup, plz > General Discussion

Posted: 11/14/2005 6:30:11 PM EDT

Trying to setup an openbsd webserver on port 8080 (port 80 is blocked by my ISP)


                   [modem: 192.168.1.5]
 		
                              |

                    [router: 192.168.2.1]


                          /            \
 
        [openbsd: 192.168.2.6]     [windowsxp: 192.168.2.2]

What I know:
According to an online port scanner (https://www.grc.com/x/ne.dll?rh1dkyd2), port 8080 is "open"

I can get to the web page through http://192.168.2.6:8080/

I cannot get to the web page through http://<my ip address>:8080

<my ip address> is the one shown when I go to http://www.whatismyip.com/

I set up port forwarding on the modem as follows:
Protocol: TCP
Global Port(s): 8080
Base Host Port: 8080
Host Device: 192.168.1.15

I have set up the router's firewall with the following settings:
Inbound port 8080
Type: TCP
Private IP address: 192.168.2.6
Private Port: 8080

I also have the webserver's IP (192.168.2.6) placed in the DMZ of the router.

help, please

Posted: 11/14/2005 6:35:33 PM EDT

[#1]

If you can get to it internally but not externally it is probably either a firewall or acl.

you can try doing the following:

sockstat -46
(make sure port 8080 is listening)

vi /usr/local/apache/conf/httpd.conf
(make sure the config file has no errors, if it is bound to your internal ip, then it should be serving to your public ip)

nmap your server from outside your network.

try to enumerate port 8080 by telneting to it from outside your network and issuing a GET command.

make sure you have port fowarding properly setup on your router. if that still does not work, and you cant get to it from outside your network try removing the router from the equation. i know with my crappy netgear (read crapgear) you can only port foward on a single host(ie on my roomates box he has RDC enabled on the normal port 3389, but on mine im using 4444 since we only have a single public ip).

Also why do you have 192.168.1.15 setup as the host to port foward when the server is running on 192.168.2.6?

The modem will not be able to differenciate between 192.168.2.6 and 192.168.2.2. try setting up port fowarding on the router to allow 192.168.2.6, bind the apache webserver to 127.0.0.1. Setup the modem to allow port 8080 from 192.168.2.1.

You might also consider having your modem/router on the same class of nonroutables.

**edit**
if it is detecting port 8080 as open, that just means its fowarded. doesn't necessarily mean that its fowarded correctly. Try putting the box directly behind the modem. I bet the issue is with the router.

Out of curiousity what ISP do you use that blocks port 80?

Posted: 11/14/2005 6:43:54 PM EDT

[#2]

Quoted:

I set up port forwarding on the modem as follows:
Protocol: TCP
Global Port(s): 8080
Base Host Port: 8080
Host Device: 192.168.1.15

Is that just a typo, or did you copy and paste that from the modem config? Might check that it is really 5.

Posted: 11/14/2005 6:48:35 PM EDT

[#3]

Quoted:
Quoted:

I set up port forwarding on the modem as follows:
Protocol: TCP
Global Port(s): 8080
Base Host Port: 8080
Host Device: 192.168.1.15

Is that just a typo, or did you copy and paste that from the modem config? Might check that it is really 5.

not a typo, when i try entering 192.168.1.5, it pops up an error message saying that's the modem's address, and I can't use it.

Posted: 11/14/2005 6:51:03 PM EDT

[#4]

In that case try using 192.168.2.6 as the Host Device in the modem config.

Posted: 11/14/2005 6:55:59 PM EDT

[#5]

Quoted:
In that case try using 192.168.2.6 as the Host Device in the modem config.

"address is not part of the private subnet"

Posted: 11/14/2005 7:00:15 PM EDT

[#6]

Quoted:
If you can get to it internally but not externally it is probably either a firewall or acl.

you can try doing the following:

sockstat -46
(make sure port 8080 is listening)
don't have sockstat installed - and i'm too new to this stuff

vi /usr/local/apache/conf/httpd.conf
(make sure the config file has no errors, if it is bound to your internal ip, then it should be serving to your public ip)
looks good, best i can tell

nmap your server from outside your network.
don't have access to a computer outside my network

try to enumerate port 8080 by telneting to it from outside your network and issuing a GET command.

make sure you have port fowarding properly setup on your router. if that still does not work, and you cant get to it from outside your network try removing the router from the equation. i know with my crappy netgear (read crapgear) you can only port foward on a single host(ie on my roomates box he has RDC enabled on the normal port 3389, but on mine im using 4444 since we only have a single public ip).

Also why do you have 192.168.1.15 setup as the host to port foward when the server is running on 192.168.2.6?
default install, should i set everything to 192.168.1.x?

The modem will not be able to differenciate between 192.168.2.6 and 192.168.2.2. try setting up port fowarding on the router to allow 192.168.2.6, bind the apache webserver to 127.0.0.1. Setup the modem to allow port 8080 from 192.168.2.1.

You might also consider having your modem/router on the same class of nonroutables.

**edit**
if it is detecting port 8080 as open, that just means its fowarded. doesn't necessarily mean that its fowarded correctly. Try putting the box directly behind the modem. I bet the issue is with the router.
ok, tried bypassing the router - connecting straight to the modem, and still no dice.

Out of curiousity what ISP do you use that blocks port 80?
centurytel

still looking into your suggestions, thanks!

Posted: 11/14/2005 7:20:00 PM EDT

[#7]

Your router does not support "loopback". Most low cost routers don't. "Loopback" is the ability for users on the LAN-side to reach a forwarded server via the router's WAN IP address.

Warning

Confirm Action

[ARCHIVED THREAD] - help with webserver setup, plz

[ARCHIVED THREAD] - help with webserver setup, plz