Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


ForumsSpark New Zealand (including Skinny and BigPipe)HG659 and DMZ zones. Port 80 is driving my nuts
RobBB

98 posts

Master Geek
+1 received by user: 5


#208267 3-Feb-2017 21:11
Send private message

 

 

I cant access the web server becasue the Huawei hg659 is intercepting it.  It is set in the DMZ (weird how it uses mac not ip)

 

 

 

There is a thing called ACL but if I turn of HTTP: in there I cant access  the router web config pages.  And still cant view pages on my web server.

 

 

 

However  the web server is accessible for people outside my LAN.  Just not for us here using the lan.

 

 

 

How do I turn off the web site blocking from the lan?




-- Rob

Create new topic
yitz
2239 posts

Uber Geek
+1 received by user: 594


  #1715155 3-Feb-2017 21:15
Send private message

If you wish to view the website from your LAN then you need to use the LAN IP not the WAN IP.

 

 

The HG659 does not support NAT loopback a preset of special forwarding rules so you can access port forwards on your WAN IP from within the LAN.



RobBB

98 posts

Master Geek
+1 received by user: 5


  #1715156 3-Feb-2017 21:19
Send private message

No, not a solution.  I am running 2 domains on same IP address, so to access them I need to use the domain names, not the ip address.  Basically this was sweet to do with my other router, why can't the Huawei one handle this?

 

 




-- Rob

sbiddle
30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #1715157 3-Feb-2017 21:19
Send private message

Are you trying to access your server using a FQDN or external IP? If so most routers don't support hairpin NAT to allow this. If you want to connect you need to use the local LAN IP to browse to it.

 

 



RobBB

98 posts

Master Geek
+1 received by user: 5


  #1715164 3-Feb-2017 21:24
Send private message

FQDN, and what do you mean routers don't support this?   My 2 prevoius crap routers from tp link worked.  IT makes no sense that I cant acces my FQDN from the lan




-- Rob

RobBB

98 posts

Master Geek
+1 received by user: 5


  #1715166 3-Feb-2017 21:26
Send private message

Perhaps I am not explaining this very well, it has worked for a few years, today I joined big pipe and gout their routers, now it does not work




-- Rob

Spyware
3818 posts

Uber Geek
+1 received by user: 1366

Lifetime subscriber

  #1715172 3-Feb-2017 21:36
Send private message

Run a local DNS server to point to local address.




Spark Max Fibre using Mikrotik CCR1009-8G-1S-1S+, CRS125-24G-1S, Unifi UAP, U6-Pro, UAP-AC-M-Pro, Apple TV 4K (2022), Apple TV 4K (2017), iPad Air 1st gen, iPad Air 4th gen, iPhone 13, SkyNZ3151 (the white box). If it doesn't move then it's data cabled.

 
 
 
 

Shop on-line at New World now for your groceries (affiliate link).
solutionz
589 posts

Ultimate Geek
+1 received by user: 164
Inactive user


  #1715174 3-Feb-2017 21:38
Send private message

RobBB:

 

No, not a solution.  I am running 2 domains on same IP address, so to access them I need to use the domain names, not the ip address.  Basically this was sweet to do with my other router, why can't the Huawei one handle this?

 

 

Because as @yitz has mentioned HG659 doesn't support hairpin NAT. See Hairpinning and NAT loopback.

 

You have a number of options:

 

     

  1. Use a different modem that supports hairpin NAT.
  2. Add additional LAN IPs to your host and assign a unique one to each web server; setup port forwarding on router like (mydomain.com):81 > 192.168.1.10 &  (mydomain.com):82 > 192.168.1.11
  3. Add and additional (sub)domain to your servers and setup a corresponding DNS record to point to your server LAN IP: internal.mydomain.com > A > 192.168.1.10
  4. Modify your client's host file to point to the LAN IP.
  5. As @Spyware suggests run a local DNS server..

RobBB

98 posts

Master Geek
+1 received by user: 5


  #1715175 3-Feb-2017 21:50
Send private message

Or return the modem and plug my old one in.




-- Rob

michaelmurfy
meow
13579 posts

Uber Geek
+1 received by user: 10910

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1715180 3-Feb-2017 22:04
Send private message

Step 1) Grab a Raspberry Pi.
Step 2) Install PiHole on it.
Step 3) Disable DHCP on your router, set the PiHole to do this instead.
Step 4) Edit the /etc/ hosts (space added to prevent Cloudflare blocking me) adding to it like so:

192.168.2.2 website.nz www.website.nz website2.nz www.website2.nz

 

Step 5) ???
Step 6) Enjoy your faster DNS server complete with local hostname resolution.




Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

yitz
2239 posts

Uber Geek
+1 received by user: 594


  #1715181 3-Feb-2017 22:10
Send private message

If you are on ADSL I say just plug your old modem/router back in.

 

 

For higher speed broadband connections such as UFB you may need to keep the HG659 and implement one of the above solutions.

RunningMan
9185 posts

Uber Geek
+1 received by user: 4838


  #1715192 3-Feb-2017 22:33
Send private message

The issue isn't the router. Bigpipe use cgnat

 
 
 
 

Shop now on AliExpress (affiliate link).
solutionz
589 posts

Ultimate Geek
+1 received by user: 164
Inactive user


  #1715196 3-Feb-2017 22:42
Send private message

RunningMan: The issue isn't the router. Bigpipe use cgnat

 

Good point with BigPipe OP needs to ensure he has a static IP: https://www.bigpipe.co.nz/faq/faq-about-our-plans/faq-static-ip/how-can-i-get-a-static-ip

 

 

michaelmurfy
meow
13579 posts

Uber Geek
+1 received by user: 10910

Moderator
ID Verified
Trusted
Lifetime subscriber

  #1715229 4-Feb-2017 02:22
Send private message

@RunningMan @solutionz you did read this right? :)

 

However the web server is accessible for people outside my LAN. Just not for us here using the lan




Michael Murphy | https://murfy.nz
Referral Links: Quic Broadband (use R122101E7CV7Q for free setup)

Are you happy with what you get from Geekzone? Please consider supporting us by subscribing.
Opinions are my own and not the views of my employer.

sbiddle
30853 posts

Uber Geek
+1 received by user: 9996

Retired Mod
Trusted
Biddle Corp
Lifetime subscriber

  #1715234 4-Feb-2017 06:45
Send private message

RobBB:

 

FQDN, and what do you mean routers don't support this?   My 2 prevoius crap routers from tp link worked.  IT makes no sense that I cant acces my FQDN from the lan

 

 

What I meant was basically what I said - the vast majority of routers out there on the market don't support hairpin NAT so aren't going to do what you want to do. TP-Link actually make pretty rock solid routers with great xDSL performance and all their products support NAT loopback.

 

 

RunningMan
9185 posts

Uber Geek
+1 received by user: 4838


  #1715248 4-Feb-2017 08:40
Send private message

michaelmurfy:

 

@RunningMan @solutionz you did read this right? :)

 

However the web server is accessible for people outside my LAN. Just not for us here using the lan

 

 

Oops - must have missed that. I blame the blurry eyes foot-in-mouth

Create new topic








Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Updates »

Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.








RSS feeds
Main feed
Forums feed
Copyright
©2002-2026 Geekzone®
Site features
Geekzone BI dashboard
Geekzone Badges
Geekzone Status Page

 

Site Information
Subscribe to Geekzone
Privacy Statement
Forum Usage Guidelines (FUG)
Advertising
Trademark and copyright