Accessing localhost via a VPN connection - apache

Goal
I am trying to set up a secure connection to a PC in our network.
The goal is to be able to access a domain, api.mydomain.test, on that PC, that is served by Apache.
Setup
To securely connect to the server, I have implemented the SoftEther VPN Server on the PC. The VPN network must be separate from our own local network, which the PC is also on.
The idea is to add an IP whitelist in the vhost record of Apache to allow only people on the VPN subnet to connect to the domain api.mydomain.test. Next to this filter, we also added a firewall to the PC to not allow any connection on port 80 or 443.
Issue
I can connect to the VPN perfectly and receive an IP of the subnet 10.11.12.x.
However, I can't seem to be able to access the server on localhost or via the IP of the other network the PC is on (10.10.2.x).
To be frank, I don't even know how to do this when connected to the VPN.
What have I tried?
Use a local tap bridge instead of virtualNAT and virtual DHCP.
This was not working as expected, because then the VPN clients (my laptop) did not receive an IP.
Add routes to allow 10.11.12.x IPs to access localhost.
According to the documentation of SoftEther, the virtual NAT does not use the routes, so this would be useless for our goal.
What I do not know is how this is normally set up.
I have the feeling I am trying to do this the wrong way, so any ideas or different approaches would be greatly appreciated!
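
One way to check the vhost allowlist described in the question, added here as an example and not part of the original post: this Python script scans access-log lines for api.mydomain.test and reports requests served to sources outside the VPN subnet, plus VPN clients that were denied. The /24 mask, the vhost_combined-style log format, the name www.mydomain.test and the sample lines are assumptions.

```python
import ipaddress
import re

# Values from the question; the /24 mask is assumed (the post only says 10.11.12.x).
VPN_NET = ipaddress.ip_network("10.11.12.0/24")
PROTECTED_VHOST = "api.mydomain.test"

# Assumed LogFormat (vhost_combined style): %v:%p %h %l %u %t "%r" %>s %O
LINE_RE = re.compile(
    r'^(?P<vhost>[^:\s]+):\d+ (?P<client>\S+) \S+ \S+ '
    r'\[[^\]]+\] "(?P<request>[^"]*)" (?P<status>\d{3})\b'
)

# Constructed sample lines, not taken from a real server.
SAMPLE_LOG = [
    'api.mydomain.test:443 10.11.12.10 - - [01/Jan/2024:10:00:00 +0000] "GET /v1/status HTTP/1.1" 200 512',
    'api.mydomain.test:443 10.10.2.57 - - [01/Jan/2024:10:00:05 +0000] "GET /v1/status HTTP/1.1" 403 199',
    'api.mydomain.test:443 10.10.2.20 - - [01/Jan/2024:10:00:09 +0000] "GET /v1/users HTTP/1.1" 200 2048',
    'api.mydomain.test:443 10.11.12.11 - - [01/Jan/2024:10:00:12 +0000] "GET /v1/users HTTP/1.1" 403 199',
    'www.mydomain.test:80 10.10.2.57 - - [01/Jan/2024:10:00:15 +0000] "GET / HTTP/1.1" 200 1024',
]

def audit(lines):
    """Return (served_outside_vpn, denied_inside_vpn) for the protected vhost."""
    served_outside, denied_inside = [], []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or m["vhost"].lower() != PROTECTED_VHOST:
            continue
        try:
            client = ipaddress.ip_address(m["client"])
        except ValueError:
            continue  # %h holds a hostname (HostnameLookups On); cannot classify
        status = int(m["status"])
        hit = (str(client), status, m["request"])
        if client not in VPN_NET and status != 403:
            # Allowlist not enforced for this vhost, or the source address was
            # rewritten (for example by NAT) before the request reached Apache.
            served_outside.append(hit)
        elif client in VPN_NET and status == 403:
            # A VPN client was refused: check the allowlist against the subnet.
            denied_inside.append(hit)
    return served_outside, denied_inside

if __name__ == "__main__":
    labels = ("SERVED outside VPN", "DENIED inside VPN")
    for label, hits in zip(labels, audit(SAMPLE_LOG)):
        for hit in hits:
            print(label, *hit)
```

Running it against the real access log after connecting through the VPN also shows which source address Apache actually records for VPN clients.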

Related

Remote login to specific computer (hostname) within a company network with 1 IP

I want to SSH or VNC to my computer in the company network. I know the internal IP (e.g. 192.168.x.x), the external IP name, and my computer's hostname.
If I do ssh username@externalIP
or open vnc://externalIP
How would ssh know which computer to go to on the network? Is there some way to indicate this?
If I ask my company to open port 22 would that be enough (or is vnc another port?).
What you're asking has a fairly simple solution actually. Basically the computer you are trying to connect with must allow ssh and the router must also have an open port like you mentioned. If you are trying to access the computer from an external network (i.e. not your company's network), then they may require a VPN. What's a VPN?
My university, for example, denies all requests from outside the network. You can't even ping our Raspberry Pis from off-campus ;) In order to ssh or ping them, we have to connect with the provided VPN. It is a powerful way to connect to internal, secured networks. Downside is you will probably need to contact IT within your company.

Wamp server only allows external connections from external ips

It has been a while since I started using wampserver online, and until now it all went fine, but I recently started having a problem: I can access the server through a local ip (192.168.1.37 | 127.0.0.1 | localhost) if connected to my router or from my router's ip (e.g. 83.85.44.55) if I'm NOT connected to my router.
So basically if I'm connected to my router and try to access the server with my router's external ip, I get a timeout error, whereas if someone from for example India tried to connect he would be able to do so.
I'm currently using wampserver 2.5 for windows with apache 2.4.9 and have already re-installed everything.
Thanks in advance.
Elemermelada -
Port forwarding can be tricky when you are trying to access the server from multiple networks (i.e. your internal network and somewhere else on the internet). You are able to access the server with its local IP because you are on the same subnet and there is no routing being done. When you attempt to connect to your webserver with your router's IP address, you are never making it to the webserver, regardless of the NAT/Port forwarding in place. The traffic is being dropped by your router because you are trying to access it from the inside. Unless you have a router that can be configured in a certain way, you will always need to connect to your webserver by its local IP address when you are on its local network.

Can't Port Forward To Ubuntu Web Server

I've set up an Ubuntu Web Server to host a game that uses port 25565.
I've set the router to port forward that port to the web server and gave the web server a static local IP. I've done this before using my own PC as the server.
When I try accessing the web server on that port using its local IP I have no problem at all.
But, when I try accessing it from outside the network, I can't connect.
I've opened my router's list of DHCP clients and the web server is only listed there sometimes without a pattern I've been able to see.
Why I think the error is at my router:
I've installed Wireshark on the server to see if Apache was somehow blocking the web packets upon arrival. I tried opening all ports and I tried opening port 10000 which webmin uses (I'm able to connect to it locally). Neither has been successful.
Although I'm not experienced in the field, I don't think the packets get to Apache.
Please assist. Thank you!
Does your router hold the external IP address, or an internal one?
If it holds a private IP like 192.168.x.x, 10.x.x.x, or 172.16.x.x, then you would need to set up port forwarding on whatever device your router is connected to.
I've managed to fix it by changing the web interface of the port forwarding from atm1.1 to ppp1.1. It was just luck, as I understood it's web protocols but I don't know why it worked.
Thanks everyone for the help!

Vagrant Virtualbox Webserver, Cannot access from external network

I am having an issue and I am not sure where to go, hopefully you guys can help me out here.
I have a virtual box machine that has a bridged network, therefore the device is on my LAN and there is network connectivity to the device.
I can connect to the web server using my local ip address 192.168.2.41:25878, however when I try to connect to it with my public IP address x.x.x.x:25878 the web browser is waiting for a connection but it never seems to establish.
Here are my config files for Apache2 / Vagrant
VagrantFile - https://gist.github.com/anonymous/7cca95da3cfc22de5333
Apache2 Site - https://gist.github.com/anonymous/d60efd938d9d7d7de60e
Ports.conf - https://gist.github.com/anonymous/8b0c20a78b36cc5d03b0
The port forwarding is correctly set up on my router. What is really puzzling me, is that I am able to connect to the web server using the local IP address 192.168.2.41:25878, however I cannot access it via the public IP address. The web browser is not rejecting the connection, so I am assuming that I have a config error somewhere, specifically in apache.. The web browser shows a spinning wheel when trying to connect.
I've been trying to solve this issue for almost a week now.. I would appreciate any help that you guys may provide.
SOLVED
So I am not sure why the setup above was not working... I changed from bridged networking to NAT and set up host to guest port forwarding through Vagrant (VirtualBox) and it started working!
I also switched to Nginx instead of using Apache.

How to connect to my apache localhost from a different network?

I am able to connect to it if the two devices are in the same network but for example, if I use 4G on my android and turn off the wifi and try to connect to http://computer-ip-address then it just hangs and eventually errors out saying could not connect. The apache server is hosted in my local Mac, and I've disabled my firewall temporarily. Any ideas on how to get a device using a different network to connect to my apache server on my local network?
You will need to configure your router so that it will forward port 80 from external to your mac.
Then, you can open http://your-public-Internet-ip on your mobile phone, effectively visiting your local web server.
If you don't like to remember your ip address, especially if you are on the go, the answer is dyndns or any free alternative, e.g. http://www.no-ip.com/services/managed_dns/free_dynamic_dns.html.
Using such a service, you will be able to enter http://yourname.service.com into your mobile phone. You will either have to configure your router to always tell this service your current IP (check your router for supported services) or run a tiny program on your mac which will handle this.
You need to enable port forwarding on your router to forward TCP 80 (and possibly TCP 443 if you are using SSL) to your web server's IP address.
Once done, you should be able to access your site via your router's public IP address.
Take note that if your web server is using a dynamic address provided by DHCP, your IP may change and this would stop it from working. I suggest you give your web server a static IP address to stop this.
You will probably have a dynamic IP on your router as well, so you can request a static one from your ISP or you can sign up for a dynamic DNS service.
If you post the model of your router, we may be able to give you more specific instruction on setting up port forwarding.
I hope your httpd.conf is set with port listening to
Listen 80
Also, you can only access your site from your LAN; otherwise, your server would need to be reachable from a public IP address, not a private one over an internet 4G connection, that means a different network
Bonus points, if you try to reach your server from an external address, did you configure port forwarding on your router?
If you could immediately connect to your localhost using your 4G network, then most likely anyone on the internet could do the same. It is important to understand that there are two components to the answer to your question:
Securing HTTP access (port 80 or whichever) from the internet. You probably don't want to open a wide door to your local network.
Configuring addressing from your client (in this case your phone) to your local computer (in this case your Mac). If the latter does not have a public IP address, then you will have to configure your client to hit your router instead, and to configure your router to forward accordingly.
Given that this is mostly system configuration work, I'm guessing that Serverfault would be a better place to find a satisfying answer.