External connections via port forward/DMZ are received, but the response is not
FIXED- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Everything else
- :
- External connections via port forward/DMZ are rece...
18-02-2018 2:39 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Odd one this. I am hoping that someone else has seem the same symptoms and has an explanation for them.
I have a web server connected to the internet using either port forwarding or by placing the machine in the DMZ (I tried both approaches, with the same results). When testing internally against the 192.168.1.x address it all works fine. When I connect from outside (I tried 3 completely different external locations) the initial connection is successful and I can see an entry in the webserver auth log, but nothing is received by the remote client.
I have a static internet IP address.
I spoke to PlusNet support today, but it seems that they no longer have the kind of technical expertise to help with a problem like this.
Has anyone else seen these symptoms? Does anyone have an explanation?
Fixed! Go to the fix.
Re: External connections via port forward/DMZ are received, but the response is not
18-02-2018 8:31 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
It's not something silly like software firewall is it?
Re: External connections via port forward/DMZ are received, but the response is not
18-02-2018 8:49 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I am fairly sure it is not a firewall problem (but of course could be wrong). The machine running the webserver currently has no firewall running on it (checked with iptables -L), and the incoming request gets to the webserver (nginx) fine. If I connect directly to the webserver using the PlusNet router provided IP address (not localhost or similar) then it works fine (so hairpinning on the router is working - though not relevant to the problem I am seeing).
If there was a firewall then it would have to be somewhere in the PlusNet network which, though possible, seems unlikely, particularly in the context of a response to an already accepted connection.
All three external hosts that I tried from can connect without problems to internet websites.
Re: External connections via port forward/DMZ are received, but the response is not
19-02-2018 8:21 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
I'm not that familiar with Linux so my help will be limited... I recently had an issue where Mr A. N. Other had set up his own webserver at home (on Virgin) for sharing family photos / videos across the world with other family members and had used IP address reservations via the router but had forgotten about an IP camera that he'd fixed manually on nnn.nnn.nnn.2 and forwarded ports 5000 and 554 to it. He managed to allocate the same address to his 'server' with the obvious end result of it didn't work properly. I'd try setting everything up on DHCP first, then reserver the relevant addresses, if it cures the issue, you can then set addresses up as you would like them.
Re: External connections via port forward/DMZ are received, but the response is not
19-02-2018 8:15 PM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thanks for the suggestion, but I am fairly sure it is not that. The webserver's internal IP address does come from DHCP, and there are no statically allocated IP addresses on that subnet. If I had done something similar and forgotten I would expect to also see problems when connecting internally, which I do not.
Can anyone confirm that they have this working with PlusNet, just so I know it is worth persisting?
21-02-2018 8:29 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Hi -
Could be an incorrect or missing default gateway on your webserver?
Cheers,
Re: External connections via port forward/DMZ are received, but the response is not
21-02-2018 8:39 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Bob Pullen
Plusnet Product Team
If I've been helpful then please give thanks ⤵
Re: External connections via port forward/DMZ are received, but the response is not
21-02-2018 10:48 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
Thanks for that - spot on! The webserver machine is multi-homed, with the externally mapped ports on a secondary network interface. There were two default routes (for some reason, nothing I had done explicitly) with the one with the lowest metric being the wrong one. With the default route set to use the secondary network interface (the gateway had always been correct) then it all starts to work.
This explains why I could connect locally, using the same internal IP as the port forwarding, as there was an explicit route for local connections.
So not PlusNet's problem at all, but a basic configuration mistake in my network.
Re: External connections via port forward/DMZ are received, but the response is not
21-02-2018 10:50 AM
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Highlight
- Report to Moderator
@bobpullen wrote:
What port is the service running on?
I had services running on port 80, 8080, 443 and 22. The problem was, as suggested by j4m3s, an incorrectly configured default gateway.
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Plusnet Community
- :
- Forum
- :
- Help with my Plusnet services
- :
- Everything else
- :
- External connections via port forward/DMZ are rece...