cancel
Showing results for 
Search instead for 
Did you mean: 

External IP Access on WAN

Ween
Hooked
Posts: 8
Registered: 16-01-2017

External IP Access on WAN

I am having issues accessing my external IP internally.

I pay for a fixed static IP address and have the following ports forwarded for various services 8989. 32400, 6789 i can access all of these services when not connected to my local LAN.

 

I access these services using duckdns and browse via the URL / specified port number, i can see all of the ports are open when checking http://canyouseeme.org/ so i am confident everything is set up correctly in relation to port forwarding.

When typing my duckdns url or public ip address x.x.x.x:8123 when connected to my LAN either on eth0 or wifi.

I received x.x.x.x took to long to respond.

 

I have the Thompson TGTG582N router. Is my issue here with reverse loop back.

 

I have set a static ip address on the device and reserved the address range in DNS.

8 REPLIES
Community Veteran
Posts: 6,330
Thanks: 477
Fixes: 42
Registered: 30-07-2007

Re: External IP Access on WAN

Is my issue here with reverse loop back.

Normally, I would say yes. However IIRC the TG582n is supposed to have NAT loopback enabled OOTB https://community.plus.net/t5/Broadband/Nat-loopback/m-p/957469

It's probably worth just checking though...

southerner
Aspiring Pro
Posts: 506
Thanks: 45
Fixes: 1
Registered: 27-11-2013

Re: External IP Access on WAN

Is it your router you're trying to access internally? Just thinking your router would be accessible via it's Default Gateway address internally with an external IP of your Plusnet static IP or if it's the PC you're on you want to access it would be 127.0.0.1/localhost.

Superuser
Superuser
Posts: 9,039
Thanks: 490
Fixes: 43
Registered: 06-04-2007

Re: External IP Access on WAN

The router needs to support what I think is called hairpin NAT (or loopback NAT) for this to work and most consumer routers don't.. An alternative is to create and use a DNS server on your own network which translates the URL to the internal IP.

David
Ween
Hooked
Posts: 8
Registered: 16-01-2017

Re: External IP Access on WAN

I have puttyed into the router an issued command "ip config natloopback= enabled.

 

@southerner No i can acccess my router by typing 192.168.1.254.

 

MY other services such as plex, sonarr, NZB, Plexpy run on my PC 192.168.1.64 and as local services

http://localhost:8989

http://127.0.0.1:6789

http://localhost:8181/home

 

My HASS instance is running on my raspberry pi 192.168.1.94 i have port 443 > 8123 this service along with the SSL cert works fine when accessing from outside my local network.

 

 

Ween
Hooked
Posts: 8
Registered: 16-01-2017

Re: External IP Access on WAN

Thanks @spraxyt i thought this would be the case, i will go down the dns route untill i purchase a new router

Browni
Seasoned Champion
Posts: 1,606
Thanks: 456
Fixes: 36
Registered: 02-03-2016

Re: External IP Access on WAN

The O2 version of the TG582n supported NAT loopback so I would be surprised if the Plusnet version didn't.

@Ween did you enter a saveall command as well as the ip config command?

I must have been really bad in a previous life. This is my 3rd ISP in a row that uses lithium.
Ween
Hooked
Posts: 8
Registered: 16-01-2017

Re: External IP Access on WAN

@Browni yes "saveall" command was issues via telnet.

 

Ween
Hooked
Posts: 8
Registered: 16-01-2017

Re: External IP Access on WAN

  • Client: 192.168.1.64
  • Server: 192.168.1.94
  • Router internal: 192.168.1. 254
  • Router external: 80.x.x.x

Here is what is happening:

  1. Client (192.168.1.64) sends TCP-SYN to your external IP, Port 443 (80.x.x.x:443)
  2. Router sees port forwarding rule and forwards the packet to the server (192.168.1.94:80) without changing the source IP (192.168.1.64)
  3. Client waits for a SYN-ACK from the external IP
  4. Server send his answer back to the client directly, because it's on the same subnet. It does not send the packet to the router, which would reverse the NAT.
  5. Client recieves a SYN-ACK from 192.168.1.94 instead of 80.x.x.x And discards it.
  6. Client still waits for a SYN-ACK from 80.x.x.x and times out.