Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




1795 posts

Uber Geek

Lifetime subscriber

#223176 17-Sep-2017 15:49
Send private message

I would really appreciate some help getting my head around port forwarding and ddns and how to tell if its working or not, or if I've not done something right.

 

 

 

I have a WHS2011 server with a Microsoft live domain (myname.homeserver.com). Its part of the WHS setup, not something that runs anywhere else.

 

I have a website on that server which I can access remotely via myname.homeserver.com:port1.

 

When I was using Unotelly I used the same domain name to keep my IP updated with them and that worked, so I dont think the Live domain is WHS specific.

 

Now I have replicated the website on a NAS which I can access internally. I have put a new forwarding rule in my HG659b.

 

So I have two forwarding rules now, two ports, two different internal devices, both with static IPs.

 

Rule 1 : WHSWEB : PORT1 : WHSIP10

 

Rule 2 : NASWEB : PORT2 : NASIP11

 

(in the HG659b the devices dont appear as IP addresess but as MAC addresses)

 

But I cant the NAS website remotely using myname.homeserver.com:port2. 

 

I'll need to get an alternative DDNS service at some point as the WHS server is being retired, but not until I can get remote access to the NAS working.

 

I have tried substituting myname.homeserver.com with my.external.IP:port2 but still no joy, so that removes the Live domain from the equation right? 

 

The web response is "This site can't be reached. my.external.IP took too long to respond."

 

I dont know if this means the site just could not be found, or it was found but was too slow.

 

Is there anything I have overlooked?

 

 

 

 





Life is too short to remove USB safely.


Create new topic
/dev/null
9075 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  #1867558 17-Sep-2017 16:30
One person supports this post
Send private message

I am going to strongly suggest that you don't port forward to the Windows Home Server - support ended last year for this and since then there has been a multitude of IIS exploits that may compromise your server. One way of getting access would be to use a VPN - if you've got a Raspberry Pi handy then there is an excellent app called PiVPN which will achieve this for you.

 

If this is just a general purpose website you could also host this on a Raspberry Pi or similar.

 

This is just me being cautious - I've seen people lose mass data on their NAS devices via cryptolocker-type tools and would rather you don't be another victim to this.







1795 posts

Uber Geek

Lifetime subscriber

  #1867605 17-Sep-2017 17:34
Send private message

@michaelmurphy

 

I am open to better solutions.

 

I dont know anything about RPis, other than I have heard of them.

 

I realise the WHS is the weak point in my setup, which is why am I trying to retire it.

 

I bought a NAS to hold the data, and it can run the website but it's no biggie if something else does, so long as its on 24/7.

 

I have an older Intel Compute Stick but it might be a bit underpowered.

 

I will also need something to do incremental backups of 4 Win10 computers, but that's a battle for another day.





Life is too short to remove USB safely.


 
 
 
 




1795 posts

Uber Geek

Lifetime subscriber

  #1867608 17-Sep-2017 17:41
Send private message

Do RPi's run Win10, and have ethernet ports?





Life is too short to remove USB safely.


/dev/null
9075 posts

Uber Geek

Moderator
Trusted
Lifetime subscriber

  #1867617 17-Sep-2017 18:03
Send private message

@kiwifidget Raspberry Pi's run Linux mostly. Linux is quite easy to learn and rock solid.

 

What kind of website is it? Feel free to flick me a PM and I may be able to help you out.







1795 posts

Uber Geek

Lifetime subscriber

  #1867621 17-Sep-2017 18:18
Send private message

@MichaelMurphy

 

Thanks for your offer of assistance. Much appreciated.

 

And I may take you up on that.

 

You have put an idea in my head though.

 

I'll put the website on my ICS and see if I have the same issues.

 

It might not be fast, but its just for testing.

 

 





Life is too short to remove USB safely.


469 posts

Ultimate Geek


  #1867941 18-Sep-2017 11:20
Send private message

This won't be a DDNS issue, as long as the hostname resolves to the correct IP, it will either be an HG659 firmware issue or a port problem.

 

Normally when doing a port forward setup and I am having issues I do local testing first to confirm that the services are accessible internally without NAT or PAT being the issue. As it's a website and you now have it running in two places and wish to have it accessible I assume you are running the second webserver on a different port ie 81 or something similar?

 

Can it be reached internally via http://nasaddress:newport - if not then that's your issue. If it is then the next step is to confirm the port forwarding. There are a bunch of online port scan tools available which will tell if the port is open and accepting connections. If the connection is not open then it could be a firmware issue on the HG659, or there is a problem with what you have setup.

 

I generally try and avoid PAT (port address translation ie http://externalip:81 to http:/internalip:80) as I have experienced a bunch of issues with consumer grade devices.

 

 

 

Cheers

 

Matt.




1795 posts

Uber Geek

Lifetime subscriber

  #1868030 18-Sep-2017 13:50
Send private message

@mattmannz

 

Yes, the website has a different port on each device.

 

I can access the websites fine within my network. 

 

I went to setup the Compute Stick but it started doing a big windows update, so thats out of service for a few days.

 

My rules have the same port number on each side.

 

So externalip:9090 goes to WHS:9090, and externalip:9095 should go to NAS:9095.

 

Both the WHS and NAS sites have a login screen before accessing the site.

 

I am using MXTool with my external IP to check the ports.

 

The externalip:9090 connects successfully with MXTool but the externalip:9095 does not.

 

I get this response from MXTools : The remote server returned an error: (401) Unauthorized.

 

What would this error indicate?

 

 

 

 





Life is too short to remove USB safely.


 
 
 
 


872 posts

Ultimate Geek

Subscriber

  #1868042 18-Sep-2017 14:09
Send private message

kiwifidget:

 

The remote server returned an error: (401) Unauthorized.

 

What would this error indicate?

 

 

 

Perhaps the NAS is expecting different host headers? (I assume the URL is different when you are accessing it on the lan?)

 

 










1795 posts

Uber Geek

Lifetime subscriber

  #1868061 18-Sep-2017 14:30
Send private message

@gbwelly

 

 

 

Its not really different.

 

Internally its just internalip:9095 , and externally externalip:9095.

 

I cant use my browser to access the external address because my HG659b doesnt allow it.

 

My old TP-Link ADSL router did, but not this one VF gave me for fibre.

 

So can only test using the MXTool.

 

I have to leave the house and go to the library to test with my browser.





Life is too short to remove USB safely.


115 posts

Master Geek


  #1868150 18-Sep-2017 16:48
Send private message

 

The externalip:9090 connects successfully with MXTool but the externalip:9095 does not.

 

I get this response from MXTools : The remote server returned an error: (401) Unauthorized.

 

What would this error indicate?

 

 

 

NAS probably has it's own firewall, and may be rejecting a connection attempt from outside your LAN?

 

 




1795 posts

Uber Geek

Lifetime subscriber

  #1870743 22-Sep-2017 09:48
One person supports this post
Send private message

Because you've probably all been wondering, I've got it all working now.

 

I was at a friends place when I decided to try it out from there, and it just worked.

 

So I think something to do with the library wifi was blocking it.

 

Thanks everyone for your help.

 

Now onto project two : setting up a RPi3, so exciting!





Life is too short to remove USB safely.


Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Withings launches three new devices to help monitor heart health from home
Posted 13-Feb-2020 20:05


Auckland start-up Yourcar matches new car buyers with dealerships
Posted 13-Feb-2020 18:05


School gardens go high tech to teach kids the importance of technology
Posted 13-Feb-2020 11:10


Malwarebytes finds Mac threats outpace Windows for the first time
Posted 13-Feb-2020 08:01


Amazon launches Echo Show 8 in Australia and New Zealand
Posted 8-Feb-2020 20:36


Vodafone New Zealand starts two year partnership with LetsPlay.Live
Posted 28-Jan-2020 11:24


Ring launches indoor-only security camera
Posted 23-Jan-2020 17:26


New report findings will help schools implement the digital technologies curriculum content
Posted 23-Jan-2020 17:25


N4L to upgrade & support wireless internet inside schools
Posted 23-Jan-2020 17:22


Netflix releases 21 Studio Ghibli works
Posted 22-Jan-2020 11:42


Vodafone integrates eSIM into device and wearable roadmap
Posted 17-Jan-2020 09:45


Do you need this camera app? Group investigates privacy implications
Posted 16-Jan-2020 03:30


JBL launches headphones range designed for gaming
Posted 13-Jan-2020 09:59


Withings introduces ScanWatch wearable combining ECG and sleep apnea detection
Posted 9-Jan-2020 18:34


NZ Police releases public app
Posted 8-Jan-2020 11:43



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.