cancel
Showing results for 
Search instead for 
Did you mean: 

NAT setup for server behind a router

N/A

NAT setup for server behind a router

i've tried very hard to set up my ethernet modem's NAT (SAR110) so that i can run a web server and CS 1.6 games server from the linux box i just built. I'm quite puzzled though, as to how to do this.

Currently my router (Linksys BEFW11S4) has my box (192.168.1.104) set as the DMZ. This appears to have made another internal ip for the box at 192.168.7.103. My modem is at 192.168.7.1 and my router is at 192.168.1.1.

Ideally, I want people to be able to access my webserver at 212.159.60.245:80 and my CS Server at 212.159.60.245:27015

Anyone with any experience willing to help a NAT newbie? thx
16 REPLIES
Community Veteran
Posts: 6,111
Thanks: 1
Registered: 05-04-2007

NAT setup for server behind a router

It appears you're in a situation similar to one I was in (as far as NAT and everything is concerned). Someone suggested putting my modem into bridge mode, so no NAT is performed, and the public IP is passed through. It sounds like that may be what you need. Give it a go!

Thomas
N/A

NAT setup for server behind a router

Thats fine if you only have one PC the other side?

I'm trying to do something similar but with 2 10.0.0 machines that need NAT and a single machine that has a fixed IP. Now if someone can explain if it is possible to set the 110 up in that configuration... Cheesy

B
Community Veteran
Posts: 6,111
Thanks: 1
Registered: 05-04-2007

NAT setup for server behind a router

Ballistix1, please don't take threads off topic. You already have your own thread for your own question.

Oh, and I've removed the duplicate post.

Thomas
N/A

NAT setup for server behind a router

YIKES!

OK
N/A

NAT setup for server behind a router

lol, thx for the idea kuglin, i'll give it a try
N/A

NAT setup for server behind a router

now i'm even more confused...

i tried the bridging thing but that didn't seem to do much. next i took my box out of the DMZ. now one of the box's former ip's (192.168.7.103) points to my router

another puzzling thing - i asked a friend of mine to try accessing my public ip and he didn't see anything. my router did however translate his request - but it looked as if towards internal port 3030! eek
N/A

NAT setup for server behind a router

I imagine that both the SAR110 ADSL Router and the Linksys Wireless Router are doing NAT.

If the SAR110 has a "LAN" IP address of 192.168.7.1, then the BEFW11S4 should also have a 192.168.7.<something> address on its "WAN" interface (not sure if this is what you meant by the 192.168.7.103 address -- it didn't seem like it!).

If the BEFW11S4 is doing NAT (implied by your comment that it has your box set as the DMZ) then the only other "host" the SAR110 is aware of is the BEFW11S4 (which it will see as the 192.168.7.<something> address. Therefore, you need a NAT rule on the SAR110 directing both port 80 and port 27015 to that address. I believe on the SAR110, that is achieved with NAT "RDR" rules.

Having those rules in place will result in the traffic for those two ports being directed to the BEFW11S4's "WAN" interface. It will then do its own NAT thing, and utilise the "DMZ" rules you've already set up, forwarding the traffic to 192.168.1.104.

Remember you will not be able to test this out from inside your network, it has to be done from outside, so post again when you think it's done, and someone will try it for you.
N/A

NAT setup for server behind a router

more info:

grc.com comes up with all ports closed except 21, 23, 80, 135, 445 which are all "stealth"

when i had the dmz set to my box, 192.168.7.103 went to the box's webserver. when i turned off the dmz, 192.168.7.103 went to the router
N/A

NAT setup for server behind a router

The 135 and 445 are probably down to PlusNet blocking those ports because of w32/Blaster.

Don't understand what you mean by "192.168.7.103 went to the box's webserver" and "192.168.7.103 went to the router"!

Do you mean when you web browsed to 192.168.7.103 in one case you saw the home page you've set up on the box, and in the other the Linksys router's web page?
N/A

NAT setup for server behind a router

Actually, your findings make some sort of sense.

When the "box" is set as the DMZ, the Linksys is forwarding port 80 traffic to it, hence you see the "box's" web page. When there's no DMZ host, you see the Linksys's web page instead.

Which suggests rather strongly that the "WAN" interface on the Linksys is 192.168.7.103.

Therefore (I reckon), you need a couple of RDR rules on the SAR110 to forward ports 80 and 27015 to 192.168.7.103. Then on the Linksys, either put your box as the DMZ host, or again specifically forward the two ports to that host.
N/A

NAT setup for server behind a router

what you say makes sense

what appears to be happening is that the modem sucessfully forwards port 80 to the router. so assuming the router has the box set as the DMZ machine, it should forward port 80 to the box. but no response from the server.

in my NAT Rule Stats of my modem:
Total Number of Translation w/ This Rule: 0
Total Number of Inbound Packets w/ This Rule: 31
Total Number of Outbound Packets w/ This Rule: 0
N/A

NAT setup for server behind a router

I don't understand the statistics, but never mind!

The things I'd be inclined to check are:
  • Is the WAN address of the Linksys in fact 192.168.7.103? (The RDR rule might be pointing to the wrong system!)

  • Has the RDR rule been set correctly? The Solwise forums give an example of doing this (item 7).
Don't forget, it has to be checked from outside your network, but I think you know that!
N/A

NAT setup for server behind a router

yes and yes
N/A

NAT setup for server behind a router

Assuming, then, that the NAT rules have been defined correctly on both the ADSL router and the Wireless Router, the next issue is then firewalls on both of those boxes, and possibly on the PC as well.

Since you were able to see the box's web page when the Wireless Router was configured with the box in the DMZ, the prime suspect must be the ADSL Router.

Perhaps it is necessary, after all, to understand what those statistics are telling us!

Quote
in my NAT Rule Stats of my modem:
Total Number of Translation w/ This Rule: 0
Total Number of Inbound Packets w/ This Rule: 31
Total Number of Outbound Packets w/ This Rule: 0

What does it mean that there were 31 inbound packets with the rule, but no translations -- why not 31 translations? What happened to those 31 packets -- did they get dropped (by the firewall?) rather than translated?