| |
[Connectivity] Most (but not all) networks cannot see my serverI understand that Comcast TOS says running a server is not allowed, however I have been able to in the past and I have called tech support several times about my current trouble and they have been pleasant and helpful (though with obviously limited knowledge) and there has been NO mention of TOS. Tech report response to my problem is "You should not be having any trouble."
A friend in another state is able to access my server (though he is connecting via Comcast as well), but nearly any other attempt I make does not connect. I can also check with sites like canyouseeme.org and any ports I check get reported as blocked.
I have checked to see if I'm on blacklists and generally the answer is "No," however it would appear that anyone with a dynamic IP is likely to be on one or another blacklist.
I cannot figure out why I am unable to connect to my PC from outside my network. Can anyone point me in any direction to resolve my issue.
I know I am not including much technical information, but I don't feel there is much I can think to include. My previously working configuration included Web Server, FTP Server on standard ports. |
|
| |
Re: [Connectivity] Most (but not all) networks cannot see my sermore info needed. what kind of router are u using? have you tested like logmein service. i know that isnt what u want to do but you could have a friend use that and see if he gets access? i moved most of services to cloud except for like media. I can watch a movie etc when I am not home but I gave up one home server LOL |
|
 NetFixerFrom My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro
Pace 5268AC
TRENDnet TEW-829DRU
|
to fmsthree
said by fmsthree:I cannot figure out why I am unable to connect to my PC from outside my network. Can anyone point me in any direction to resolve my issue.
I know I am not including much technical information, but I don't feel there is much I can think to include. My previously working configuration included Web Server, FTP Server on standard ports.
And unless you can include some technical information, there isn't much anyone can do to help you. If you consider what you are doing as so private that you can't reveal any details, then you are probably going to have to hire a consultant whom you trust and/or whom you have sign an NDA. |
|
| |
to awasser1
I have the SMCD3GNV - modem/router from Comcast. I am able to connect using Teamviewer with no trouble. I use my server for many things and controlling it from my phone or laptop when away from home is very useful to me. |
|
| |
have you tried putting the computer that you are using for a server into the dmz? this will open all ports at least to try it and see if you can then access it from the remote location. in case you dont have a guide I have found one here. pg 39 tells you how to put your computer into a dmz. basically you just need to put the internal ip of that computer in the configuration and reboot. I would reboot the router and the pc then. let us know if you have tried this and your results . » media2.comcast.net/anon. ··· 0811.pdf |
|
 graysonf
MVM
join:1999-07-16
Fort Lauderdale, FL |
to fmsthree
Teamviewer requires no modem/router configuration at all because the Teamviewer people run a server that handles the connections.
Other services that you yourself run will require some router/firewall configuration. But you still have not provided any details that are needed to help you further. |
|
| |
to awasser1
Thanks awasser1, that is a simple test I had not tried and it is very revealing. Before making that change, I couldn't get any response. After putting the server IP in the DMZ, I can at least get a successful PING. That certainly says a lot and puts me on a new path. That's a great tip, thank you very much. |
|
| fmsthree |
So, I had Comcast put my Gateway in Bridge Mode and am temporarily using a Linksys/Cisco E2000 as a router. I have setup routers for several years, and though I'm no pro, I am comfortable with port forwarding etc. I am still having nearly the same problem, however from outside my LAN, I can browse to the Admin Page of the router on port 8080. I have port forwarding setup and have even tested forwarding port 80 to a very generic page on a little PC that should have no protection or special restrictions and it is not accessible. If I make the router admin page accessible on 80 I can browse to that, so it would appear that neither Comcast nor the modem is the issue, but still no joy. I understand that I am not including a whole lot of information, but there is almost an unlimited amount of information I COULD send and I don't want to get bogged down in minutia as this would seem to be an odd issue that I'm hoping sounds familiar to someone. |
|
graysonf
MVM
join:1999-07-16
Fort Lauderdale, FL |
Many routers that have their administrative interface running on port 80 will not port forward inbound traffic for port 80 to a LAN machine unless the administrative interface is reconfigured to use another port. |
|
NetFixerFrom My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU
|
NetFixer
Premium Member
2013-May-3 12:27 pm
said by graysonf:Many routers that have their administrative interface running on port 80 will not port forward inbound traffic for port 80 to a LAN machine unless the administrative interface is reconfigured to use another port.
And I have run into cases where even that did not help. Port forwarding for port 80 simply did not work as long as remote administration was enabled. It made no difference what port was used for the html admin server if remote admin was enabled. But at least the OP condescended to providing a minor clue (the mysterious server is a web server) instead of refusing to provide any information. |
|
| |
Ok, I DO appreciate the suggestions, however my reasoning for not posting more information is that I do have a pretty good understanding of what I'm trying to do and I'd rather not get bogged down in details that will be unrelated.
Yes, the machine in questions is a web server, but it is a lot more than that and many ports are needed outside my LAN.
The obvious indicators to me are that if I put the IP of my SIP device in the DMZ, and test from canyouseeme.org (or similar) port 80 shows open. I can browse to my WAN IP from outside and access the administration page on the SIP device. If I turn on my router's remote admin feature on 8080, I can access that page as well from outside. If I then change the DMS setting to my server internal IP, 80 and all other ports except 8080 show blocked. This server had been working fine a while back, but it is not use a lot, so I can't say when it stopped.
I have used nmap and see nothing that would suggest a problem. All ports are accessible within the LAN. Looking at iptables also does not show anything is blocked. |
|
NetFixerFrom My Cold Dead Hands
Premium Member
join:2004-06-24
The Boro Netgear CM500
Pace 5268AC
TRENDnet TEW-829DRU
|
NetFixer
Premium Member
2013-May-5 7:00 pm
said by fmsthree:Ok, I DO appreciate the suggestions, however my reasoning for not posting more information is that I do have a pretty good understanding of what I'm trying to do and I'd rather not get bogged down in details that will be unrelated.
Yes, the machine in questions is a web server, but it is a lot more than that and many ports are needed outside my LAN.
The obvious indicators to me are that if I put the IP of my SIP device in the DMZ, and test from canyouseeme.org (or similar) port 80 shows open. I can browse to my WAN IP from outside and access the administration page on the SIP device. If I turn on my router's remote admin feature on 8080, I can access that page as well from outside. If I then change the DMS setting to my server internal IP, 80 and all other ports except 8080 show blocked. This server had been working fine a while back, but it is not use a lot, so I can't say when it stopped.
I have used nmap and see nothing that would suggest a problem. All ports are accessible within the LAN. Looking at iptables also does not show anything is blocked.
And if no details are provided, then any advice is going to entail getting bogged down with unrelated information.  With that limited additional information, my guess (however unrelated it may be) is that you have a software firewall config problem in that server. It is certainly possible to have firewall rules that block Internet access, but allow LAN access (and some software update process, or something like installing a new NIC might have changed the firewall rules that you originally setup). Have you tried to temporarily shutdown the software firewall and run an external scan while the server was in the router's DMZ (or with only the required ports forwarded)? Or perhaps do that while running Wireshark to see what packets (if any) reach the server during an external scan while it was in the router's DMZ (or with only the required ports forwarded)? Using Wireshark could tell you if the problem is inbound blocking or outbound blocking (either of which could produce the symptoms you are reporting). |
|
| |
to fmsthree
said by fmsthree:Ok, I DO appreciate the suggestions, however my reasoning for not posting more information is that I do have a pretty good understanding of what I'm trying to do and I'd rather not get bogged down in details that will be unrelated. Sometimes a detail you feel isn't necessary is actually the one that will solve your problem. It's in your best interest to provide every little detail you can. I've got expert-level knowledge in this field, and when I ask for help on a forum, I'm posting every piece of information I can think of. I'm not too good to do it, and neither are you. |
|
