I'm hosting my website on IIS. I am able to access the website via localhost and the system's IP address, but I'm unable to access it outside of my local network. I am able to remotely control that machine using mstsc.
I believe that the firewall is completely disabled. What could be the cause of this?
If your external IP address is different from your machines' intranet IP address, what you need is port forwarding configured in your router. I.e. external requests coming to ports 80 (HTTP) and port 443 (HTTPS) should be re-routed to your IIS PC.
Disregard port 443, if your web site is not using Secure Sockets Layer (SSL).
Related
I installed a nextcloud service on my NAS in a docker container and the service is reachable from the internet via a FQDN for which I generated wildcard Letsencrypt certificates.
A reverse proxy (Traefik) is dispatching requests to the service and handles http/https.
Everything works fine while outside of my LAN but connecting to nextcloud from the local network gives certificate errors.
For instance, trying to open the nextcloud home page from Firefox gives:
nextcloud.yourdomain.com uses an invalid security certificate.
The certificate is not trusted because it is self-signed.
Error code: MOZILLA_PKIX_ERROR_SELF_SIGNED_CERT
View Certificate
Clicking on "View Certificate" actually shows the router's own certificate.
As an additional information, my nextcloud service FQDN is correctly resolved to my router's public IP address even from within the LAN, i.e.
ping nextcloud.yourdomain.com
correctly returns the public IP address of my router.
How can I avoid this? Why is the router using its own certificates for https traffic to hosts that are inside my LAN instead of my my domain's Letsencrypt certificates, exactly as it's happening from outside the LAN?
Evidently the reverse-proxy or the NAS are not to be blamed as https requests are not even reaching them.
Could you help me with some additional troubleshooting?
Thanks
PI
The external IP address you use is actually the IP address of your router. For traffic from outside (i.e. the internet) there is a port forwarding rule which forwards this traffic to the internal server. For traffic from inside this port forwarding will not be applied - this is how your specific router works. And since there is actually a service running on the same port (the admin interface of the router) and this is reachable from inside it will be used instead.
Note that this is how this particular router works. A different router might apply the port forwarding to both internal and external traffic. It would need to support NAT loopback too in this case though.
A workaround would be to use split DNS, i.e. access the nextcloud from outside by the public IP address and from inside by the internal IP address. If such a setup can be done with the systems you already have is unknown.
I started using node express not too long and developed a simple http server using the default settings.
I have always tested it with requests to localhost:3000 with Postman and on the browser and everything was fine.
Then I needed to move the service on the local network so that even applications not running on my machine can access it.
I got my local IP and before perform any modification I tried first with Postman using the IP address instead of localhost and also with the browser on my smartphone to check what would have happened. With my surprise it was already working on the local network, in the sense that I got a response message from the server (which might be dangerous since I did not even know).
I guess the line where you specify which address and port the server should listen on is server.listen(port);
If the address is not specified does it mean that it should listen both to localhost and local IP? Or is node-express automatically forwarding from one address to the other? Otherwise how can it work both on localhost and local IP?
node-express and all other web application servers listen to port, not IP address. That is, as long as port X is listened on your machine (server.listen(port); in node-express) and not blocked by firewall, and another host H can access your machine by IP, H can visit the web application that listen X.
If the address is not specified does it mean that it should listen both to localhost and local IP? Or is node-express automatically forwarding from one address to the other?
"port listening" happens on transport layer, while IP address belong to network layer. When listening to the HTTP request, node-express does not care about the visitor's IP address.
Is there a way to see which resource both of them are pointing to?
All clients visit resource in web application in the same way, it has nothing to do with client's IP, unless you manually configure it in the web application.
I'm brand spanking new to setting up websites, so go easy.
Basically I setup an osticket system on my XAMPP stack and It works locally no problem but when I try to access it from my public IP it won't connect.
I've port forwarded port 12345 -> 80 as my server listens on 80.
So theoretically if I type in my URL bar it should connect right?
In the httpd.conf file for Apache do I enter the external or internal IP address? I'm assuming I leave it as localhost because the .conf file is local to the server.
My networking setup:
Firewall setup:
<PublicIP:12345> ALLOW <PriavteIP>
Port forwarding setup:
<PublicIP:12345> -> <PrivateIP:80>
It's hard to tell without understanding more about your setup. I'm going to assume you have a router that connects your internal network to the Internet, and you have one or more computers connected in your network, and your server is one of those.
So are you talking about the port forwarding rules on your public-facing router's firewall? If you are forwarding port 12345 from your router to port 80 on your server, the reason it won't work is because a standard HTTP request from a public machine will come to your router on port 80, not port 12345. Are you entering in a URL with the 12345 port number in it? If anything, you should simply be routing all requests to port 80 on your router to the IP of your server.
You can check this if you try to view your web site using the port number in the URL. So if your IP address to your router is 5.6.7.8 you would enter http://5.6.7.8:12345 and this would load your web page, as the request for a page from port 12345 would get forwarded to port 80 on your server. But honestly I think you just need to get rid of port 12345.
I have a site in my local which is running under xampp.Now in another Mac I want to access the local site.It can be done via sharing the ip? or something to write in host file.The source machine is windows and the target machine is mac.
I dont know how to include the ip in host file in Mac.
Assuming that it's running on port 80 or 443 and your firewall is set to allow requests on those ports, you should be able to navigate to the ip address in a browser. If you're requesting your local site from outside your subnet then you might need to configure port forwarding on your router
I am having apache tomcat server on my windows machine. Also I can access this server from other machines on the network.
Now I want to map the IP+Port combination to a name ie currently I have to write http://10.xxx.xx.xx:8080/app_name but I want to access it as http://app_name
How can I go about it? Is there any solution which I can achieve by adding some mapping in apache server file? Also DNS server is not in my control, any way to get around this problem?
Thanks
Rohit
By not specifying a port number, you are defaulting to port 80. Your options are to either modify your server to listen on port 80 or define an external load balancer VIP that does a PAT from port 80 to 8080.
If you take the VIP route, the hostname is defined on the load balancer. If you don't have that option and DNS isn't an option either, you could manually modify your hosts file with an alias. However, this would require all remote users to have your hostname - IP mapping in their local hosts files (making DNS the more manageable solution).
When user types the URL in browser, browser will establish TCP connection with web server in the port 80 by default in case of HTTP, 443 by default in case of HTTPS.
Yes. If Web server exposes any port other than default port, port has to be mentioned in the browser URL to connect and get the data.