Problem with port forwarding/dmz

  • (2 Pages)
  • +
  • 1
  • 2

23 Replies - 1485 Views - Last Post: 30 April 2015 - 08:28 PM

#1 Lt_Twig   User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 104
  • Joined: 05-March 14

Problem with port forwarding/dmz

Posted 26 April 2015 - 04:06 PM

I've been trying to set up a web server with the intent of being able to access from an external network. I've tried both port forwarding and a dmz, but neither work. I've called my ISP and they don't do anything that would prevent me from using these two things. My router is a Linksys WRT54G and I've tried both the Linksys site guides as well as a few other guides around the web, none have lead to success. So I am hoping someone might know something that could help me get this working. Thanks in advance.

Is This A Good Question/Topic? 0
  • +

Replies To: Problem with port forwarding/dmz

#2 Martyr2   User is online

  • Programming Theoretician
  • member icon

Reputation: 5485
  • View blog
  • Posts: 14,451
  • Joined: 18-April 07

Re: Problem with port forwarding/dmz

Posted 26 April 2015 - 06:41 PM

Well did you setup your webserver to listen on a specific port number? If so, you just put that in the single port forwarding along with the internal IP address of your web server.

Typically you setup a name like "Web Server", internal port: 12345, external port: 12345, protocol "both" and then the internal IP like 192.168.0.10 or whatever. Now I suggest you make it so your web server listens on another port besides 80 because you want to use 80 for other things like surfing the web etc. Then all you need to do is use your external IP (along with the port number) to access the server... http://64.32.11.194:12345 for instance (notice the port attached).

What this does is that a request coming to your public IP on port 12345 will be received by your router, the info is then routed internally to 192.168.0.10 where your web server will pick up the call. Then when it sends it will send to the router on 12345 and routed back out.

At least that is what I have typically seen. :)

P.S. I assume you can hit the web server just fine using your internal address right? Make sure you can actually reach the server before attempting to push it outside.

This post has been edited by Martyr2: 26 April 2015 - 06:42 PM

Was This Post Helpful? 0
  • +
  • -

#3 Lt_Twig   User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 104
  • Joined: 05-March 14

Re: Problem with port forwarding/dmz

Posted 26 April 2015 - 06:54 PM

To your P.S. yeah I can access it internally. I must admit ignorance, I'm not sure how to set the server to listen to ports, I just followed this guide here when setting up my web server: guide. The only thing it talked about ports for, was configuring shorewall. How do I set a port to be listened to? A google search is only showing me stuff on how to find ports that are already opened and being listened to.
Was This Post Helpful? 0
  • +
  • -

#4 no2pencil   User is offline

  • Professor Snuggly Pants
  • member icon

Reputation: 6824
  • View blog
  • Posts: 31,465
  • Joined: 10-May 07

Re: Problem with port forwarding/dmz

Posted 26 April 2015 - 07:11 PM

View PostLt_Twig, on 26 April 2015 - 09:54 PM, said:

How do I set a port to be listened to?

Heh, that's a big question. Port forwarding is about 2 steps away from binding a port.

So you want to 'set a port'. A few questions to ask before asking that question. What data is the port serving (does it require encryption), is it already a standard service (http/ftp/mail), & what operating system are you using? You are going to have the issue of user permissions with your OS come into play. With those questions answered, you will need a software service that binds the port. Apache & nginx (for example) will bind port 80 (by default), & same with the others, ftp services will bind ports 20 & 21, email 25, 110 (& others if you require encryption). So it isn't a matter of just looking at a list & forwarding a port, as you actually have to setup the service.

Once the service is setup, & you are binding a port & listening for requests, I would test locally. Telnet is a great tester in my opinion.

Lastly you really should set your server to use the same ip address so that forwarding isn't lost when DHCP decides the lease is out. But lets get the previous stuff working first, this step is relatively simple.

Now you are ready to look to sharing this port with the outside world, & setup port forwarding on your router.

& for the record, setting a DMZ just to offer one port is a horrible, horrible idea.
Was This Post Helpful? 0
  • +
  • -

#5 Lt_Twig   User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 104
  • Joined: 05-March 14

Re: Problem with port forwarding/dmz

Posted 26 April 2015 - 08:11 PM

Yeah I kinda wanted to use port forwarding in the first place but just in case I couldn't get it working I would give DMZ a shot.

So then I have been doing things right? The port I wanted to use is 8000 which is used by evennia, I also do have apache2 service running constantly (so port 80 should have been working?). And I manually set my static ip during the server installation. First, I tried port forwarding using this guide, made sure the service was working....nothing.

Then I tried DMZ using this guide guide, made sure the service was running....also nothing.

I honestly think my ISP is bullshitting me at this point, because it doesn't seem like it should be this hard.
Was This Post Helpful? 0
  • +
  • -

#6 no2pencil   User is offline

  • Professor Snuggly Pants
  • member icon

Reputation: 6824
  • View blog
  • Posts: 31,465
  • Joined: 10-May 07

Re: Problem with port forwarding/dmz

Posted 27 April 2015 - 08:30 AM

View Postno2pencil, on 26 April 2015 - 10:11 PM, said:

Once the service is setup, & you are binding a port & listening for requests, I would test locally. Telnet is a great tester in my opinion.


View PostLt_Twig, on 26 April 2015 - 11:11 PM, said:

I honestly think my ISP is bullshitting me at this point, because it doesn't seem like it should be this hard.


You need to verify inside, & then setup for outside. You are not ready to start questioning your ISP yet.

& you are right. It doesn't need to be this difficult. So stop guessing the problem & verify :)

Proper troubleshooting procedure :

1.) Verify that the service is running
2.) Check locally (telnet to binding internal IP)
3.) Verify access/error logs
4.) Check on local internal network (with the same ip as #2)
5.) Verify access/error logs (tail works great if this is a linux/unix server)
6.) Verify port forwarding
7.) Verify from outside of the modem
Was This Post Helpful? 0
  • +
  • -

#7 Lt_Twig   User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 104
  • Joined: 05-March 14

Re: Problem with port forwarding/dmz

Posted 27 April 2015 - 11:04 AM

I'm not making guesses, I'm making a frustrated opinion. I'm not actively accusing my ISP of anything, even though Korcett is not your standard everyday ISP. I know the basic steps of troubleshooting I've followed them like 3-4 times trying to figure this out.

Here is what I did before coming here:

1. Installed evennia and the stuff from the tutorial on setting up a webserver in the link above.
2. Started evennia process and tested the two ports it opens for client use 4000 (telnet) and 8000 (web browser)
3. Tested both from two different computers on the same network
4. Stopped evennia, setup static ip for the server, verified that the server could connect to the internet
5. Started evennia again, pinged from two computers, then tested the before mentioned ports again
6. followed this guide, tested it, didn't work
7. followed this guide, tested it, didn't work.
8.I don't have access to the modem because I live in a student apartment building. The modem is locked up in some room on the first floor and the building as a bunch network range extenders on each floor.

I'm a soon to be graduated computer scientist with a hard focus on programming and quality assurance and a soft focus in cyber security. Setting up and maintaining a webserver accessible from the outside is not exactly a strength of mine, but I figured that since it was for a small personal project it wouldn't be that bad. I came here hoping that there would be some step or method that was barely documented so I would have missed it (as is the case with a lot programming endeavors I've had, seriously ML sucks) or maybe someone who could help me out with a hardware troubleshoot. I'm not trying to make this difficult on purpose, because it is seriously one of the more difficult things I've ever had to troubleshoot. I've been messing with this problem for the past 2 weeks with no success, so I'm understandably a bit peeved and have very little patience with the project left, so don't think I'm getting mad at you guys. This site is a blessing.

This post has been edited by Lt_Twig: 27 April 2015 - 11:07 AM

Was This Post Helpful? 0
  • +
  • -

#8 no2pencil   User is offline

  • Professor Snuggly Pants
  • member icon

Reputation: 6824
  • View blog
  • Posts: 31,465
  • Joined: 10-May 07

Re: Problem with port forwarding/dmz

Posted 27 April 2015 - 11:11 AM

So at step four you changed the ip of the server that you previously tested, & then don't get a successful test again?

I would tail the log file, access on the server, then access on the local network, & then move beyond the modem.
Was This Post Helpful? 0
  • +
  • -

#9 Lt_Twig   User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 104
  • Joined: 05-March 14

Re: Problem with port forwarding/dmz

Posted 27 April 2015 - 11:23 AM

Sorry I left that detail out, no the ports still worked with a static ip.

Where are these log files that I should be looking at?
Was This Post Helpful? 0
  • +
  • -

#10 no2pencil   User is offline

  • Professor Snuggly Pants
  • member icon

Reputation: 6824
  • View blog
  • Posts: 31,465
  • Joined: 10-May 07

Re: Problem with port forwarding/dmz

Posted 27 April 2015 - 11:26 AM

I've never heard of this software, but a quick Google turns up logging information on the evennia wiki

Since I'm still only assuming that it's Linux or Unix, you've never confirmed nor denied it. you can also verify connections with tcpdump or netstat.

At the end of the day, you should be able to prove that there is local traffic before the router with the port forwarding.
Was This Post Helpful? 0
  • +
  • -

#11 Lt_Twig   User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 104
  • Joined: 05-March 14

Re: Problem with port forwarding/dmz

Posted 27 April 2015 - 11:50 AM

oh you meant with evennia. Yeah, proving local traffic getting through isn't that hard. When using port 8000, evennia has it's own website configuration that uses django. Telnet connections brings up a special message and login screen from evennia.
Here is what the webpage would look like ( the blue one):
http://lh5.ggpht.com...screenshot2.png

Neither of these would show up otherwise if I was not connected.

Unfortunately, I can't find a picture of what telnet would like. And screen capturing does not work well with an i3 window manager.

Would you like copies of these logs? If so, it will be a few hours before I get back from classes.

This post has been edited by Lt_Twig: 27 April 2015 - 11:51 AM

Was This Post Helpful? 0
  • +
  • -

#12 no2pencil   User is offline

  • Professor Snuggly Pants
  • member icon

Reputation: 6824
  • View blog
  • Posts: 31,465
  • Joined: 10-May 07

Re: Problem with port forwarding/dmz

Posted 27 April 2015 - 11:57 AM

No, I'm telling you this is where you look for verification.

Also, we don't care what the telnet output it. It's just a method to generate traffic via a controlled request.

This isn't difficult.

Tail the access logs & verify successful entries. Log on local to the server, log on local to the network, & then outside of the modem. This will show you where the communication stop. If it does work on both internal situations & not outside of the modem, check your routers logging.

There isn't a magical step that you overlooked. It's straight forward troubleshooting.

View PostLt_Twig, on 26 April 2015 - 11:11 PM, said:

I honestly think my ISP is bullshitting me at this point, because it doesn't seem like it should be this hard.


View PostLt_Twig, on 27 April 2015 - 02:04 PM, said:

I'm not making guesses, I'm making a frustrated opinion.


View PostLt_Twig, on 27 April 2015 - 02:23 PM, said:

Where are these log files that I should be looking at?


If you are not reading logs, you are making guesses. If you are graduating with a computer science degree, then computer logic & network fundamentals shouldn't be difficult. Forget the port forwarding & just validate your traffic.
Was This Post Helpful? 0
  • +
  • -

#13 Lt_Twig   User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 104
  • Joined: 05-March 14

Re: Problem with port forwarding/dmz

Posted 27 April 2015 - 12:25 PM

I know, I'm not saying I didn't check the logs because I did and it doesn't give out any errors or anything that would suggest that the other computers could not connect to it internally. I'm not trying to describe what telent and the webpage are so that you know what it looks like. I'm telling you this because due to the way evennia works, if I could not connect at all, internally or externally, then I wouldn't be seeing the things that I described.

As I've mentioned before I deal with building programs, and whenever there is a problem with something there is usually some workaround or trick that solves it. This is the first time I've ever focused on a networking problem, so obviously I would try to solve the problem like I would with software. Don't know how much clearer I can be about that.

I'm not making guesses, except for that one time when I called my ISP, I never truly thought that they were the issue. Honestly, the only thing to blame them for is the constant shutting off of the whole apartment network and limiting us to 10mbs per unit (there are 4 people in my unit) If your like me and spend more time on a problem than it should take to fix it, you would start getting really frustrated and started blaming things that nothing to do with the problem.

Not reading the logs does not mean I'm guessing, it means I haven't read the logs. And I have read the evennia logs because those are the logs I know where to find. So if you are talking about a different set of logs then please tell me what they are and where to find them, because as I have said before I have no experience with networking or the tools used for networking so I don't know where anything is.
Was This Post Helpful? 0
  • +
  • -

#14 no2pencil   User is offline

  • Professor Snuggly Pants
  • member icon

Reputation: 6824
  • View blog
  • Posts: 31,465
  • Joined: 10-May 07

Re: Problem with port forwarding/dmz

Posted 27 April 2015 - 12:33 PM

lets start over.

is this a Linux or Windows server?
what process name is binding the port?
what port is it configured to use?
are you able to see active local connections?
Was This Post Helpful? 0
  • +
  • -

#15 Lt_Twig   User is offline

  • D.I.C Head

Reputation: 1
  • View blog
  • Posts: 104
  • Joined: 05-March 14

Re: Problem with port forwarding/dmz

Posted 27 April 2015 - 01:07 PM

It is a linux server on a desktop computer: Ubuntu Server 14.04

The program is evennia but the process is listed as python.

The ports being used are 4000, 5000, 5001, 8000, 8001. Evennia documentation states that the ports that need to be forwarded are 4000, 8000, 8001.

Logging doesn't show connection until someone successfully logs in through browser or telnet. Here is the message that shows up when I logged in from my laptop through telnet:
2015-04-27 20:02:31+0000 [AMPProtocol,0,127.0.0.1] [..] Logged in: cotant(player 1) ('192.168.1.201', 56910) (1 session total)


Was This Post Helpful? 0
  • +
  • -

  • (2 Pages)
  • +
  • 1
  • 2