Results 1 to 3 of 3

Thread: Problem accessing custom ports from outside of LAN

Hybrid View

  1. #1
    obeghain NNTP User

    Problem accessing custom ports from outside of LAN


    Hello,

    I installed today the Suse Enterprise Server 32-bit as a VM on a VMWare
    ESXi server. Then:
    - I installed on it a product (IBM Rational Team Concert) that I
    configured to listen both on ports 14443 (https) and 14080 (http).
    - I assigned a fixed IP address to the Suse Enterprise server
    - I configured my router to forward the incoming request to ports 14443
    and 14080 to the SuSE server
    - I configured a dynamic domain name service to assign a specific
    domain name to my router IP public address

    When, being local on the SuSE server, if I access the product using the
    web browser pointing to a service running on port 14443; no probs. When,
    being on another physical workstation connected to the same LAN as teh
    SUSE server, trying to access the same service running on port 14443; if
    I use the IP address of the server, it is ok. But as soon as I try to
    connect to it using the public (Internet) address or URI of the router
    (that should redirect requests) it fails. I've the impression the SuSE
    server does not allow incoming requests on port 14443 or 14080 when
    tehse request are relayed by the router. So, what should I do in order
    to allow the SuSE sever accept incoming requests on these ports when the
    source is not issued from 192.168.x.x (local) machine but instead from
    Internet?

    Regards,
    Olivier Bghain


    --
    obeghain
    ------------------------------------------------------------------------
    obeghain's Profile: http://forums.novell.com/member.php?userid=117916
    View this thread: http://forums.novell.com/showthread.php?t=446393


  2. #2
    ab NNTP User

    Re: Problem accessing custom ports from outside of LAN

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    A machine getting requests via your router should not see them as coming
    from the Internet but rather from the router itself so your suspicion
    about it disliking Internet-sourced traffic should not apply. What may
    apply is a DNS issue; you explicitly mentioned another machine on your
    LAN could access these ports via IP address but did not mention DNS or
    hostname; if DNS/hostname work that would be useful to know about, even
    from within your LAN.

    It may also be useful to know exactly how the service shows up in
    netstat as a listening service. Let's get the output of the following
    commands from your server:

    ip addr
    ip route
    grep -v '^#' /etc/resolv.conf
    netstat -planet | grep 'LISTEN '

    Testing the ports with netcat would also be useful from your other LAN
    machine:

    netcat -zv ip.address.goes.here 14080 14443

    Finally, if nothing else stands out after posting all of that we may
    want to see how tcpdump sees things differently depending on the connection:

    sudo /usr/sbin/tcpdump -n -s 0 -i eth0 port 14080 or port 14443

    One suspicion I have is that your router was told to forward to a DNS
    name rather than an IP address and if that DNS name does not resolve to
    the IP address within your network then anything coming through the
    router will fail, while accessing it from the LAN by IP address will
    work as you described.

    Good luck.

    - --
    Want to yell at me in person?
    Come to BrainShare 2011 in October: http://tinyurl.com/brainshare2011
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v2.0.15 (GNU/Linux)
    Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

    iQIcBAEBAgAGBQJOkhWHAAoJEF+XTK08PnB5iMMP/i8NWNf1UuD1Bx6MO5E1xTnK
    tW2j/cFU8FLvWwD2IEjd92rrUIDCw0i1yfI1HqX6PxTs9qg1OndIct4 eyAvVUEO4
    y2So9yRF/Nn2DU5o/G4JxI0N1OgkjU7CP/FKIKoufx9Nve34IRg4ceX69YfA/HLL
    7o0vz48ox2aGvoBHWz+2OPP76OpJamZ5PFI0m4n/HOHsjWtP/uqXStKtMfkQabbX
    Hau/Htrw4kPVHWagZrLlCyOoEKkoHNc2LMfex02ytm2f7Mm6kubLje 2u6VocdUSU
    of7Enzfy+zCNN0sLj70YcVmwULyXDNJB2oozN2GkQR3rQ1hMiJ CKBwjQJrUPLPmm
    ciu26GmdOqGAo0wDi58x9QtrsziN7ZCpHoaV0ndBSqT8Auz/w3ws9Ljk4OnO+vnZ
    MfHuCaaFfe6pK6BMozI6LmiIrzecsHsBvtyXAQtgEgusf2FRgK tuUOFbPH1slAJF
    XMU0TSsMVsfiHb7LcGTpBqf/0jk3HVfoTh0R+PrlVsxCoK0LMP3Mwi6qSQmUEoMT
    yntQAKhgTjRcCK3R7GgST5u7JPafVcZcZFEIRoaJiXlxgRjsTT rLk2qoIefz4O6z
    MT7gK9CtBZ4+0F7jI2huRD59GGtyA8YRVdn8QPYdyp27r9K+H3 UiiPNZIsinTpEo
    SGd8AnGDmNNOMyUTFU0E
    =LFTJ
    -----END PGP SIGNATURE-----

  3. #3
    andy s NNTP User

    Re: Problem accessing custom ports from outside of LAN


    > - I assigned a fixed IP address to the Suse Enterprise server
    > - I configured my router to forward the incoming request to ports
    > 14443 and 14080 to the SuSE server

    Did you assign your router LAN address as the default gateway for Suse
    server?
    This is the most common problem with port forwarding, because your Suse
    server will send its reply for packets with internet addresses to
    default gateway.


    --
    andy_s
    ------------------------------------------------------------------------
    andy_s's Profile: http://forums.novell.com/member.php?userid=67489
    View this thread: http://forums.novell.com/showthread.php?t=446393


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •