Jump to content



Photo

Accessing my public IP from my private IP...

Answered Go to the full post

  • Please log in to reply
31 replies to this topic

#1 riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 04 March 2014 - 15:44

Hello,

Yeah, this is a stupid Darwin nominee here but I cant see to get it to work.

Im accessing from 192.168.1.7 and I have Apache running on 192.168.1.5 My public IP is 8.8.8.9

The exact address is

https://8.8.8.9/hi

In the firewall, Ive configured that port to open correctly, Ive done my port forwarding right, and when I Teamviewer to a PC outside the network, it works.

NOW, if I try INSIDE the network, I simply get redirected from https://8.8.8.9/hi to https://8.8.8.9

What exactly should I check? Im almost sure its a HTTPS issue of some sort. Allowed NAT Loopback as well.

Best Answer +BudMan , 04 March 2014 - 20:02

I personally never understand the use of nat reflection or loopback or whatever other term you want to use for hitting a public IP on the router from an inside IP just to be "reflected" back to inside your own network.

 

The host is on on the same network as your client box - so just setup your internal name resolution to point you to the internal IP.  This is much better solution then having to worry if your nat device support reflection or not, or if you have it enabled.  Turning on loopback and testing from box inside your network is not a valid test of a forward for starters since there might be issues from the public side in accessing your IP or port - maybe your ISP blocks the port, maybe their ISP blocks the port outbound (non http/https for example)

 

You should always validate from outside your network.  From internal just correctly setup name resolution to resolve whatever fqdn you want to use to resolve to your internal IP and now its moot if your nat device supports reflection/loopback.

Go to the full post



#2 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 35
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 04 March 2014 - 15:55

Ok your firewall needs to support nat loopback. 

http://www.tsamoudak...d-nat-loopback/

 

Otherwise simply have your dns name entered into your local dns server and point that to the interal ip address.

 

hello.macdonalds.com internal a record points to 192.168.1.20



#3 +Nik L

Nik L

    Where's my pants?

  • Tech Issues Solved: 2
  • Joined: 14-January 03

Posted 04 March 2014 - 15:59

My public IP is 8.8.8.9

 

Are you sure?



#4 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 35
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 04 March 2014 - 16:01

That is a Google ip. I am pretty sure he j just using that as an example

#5 OP riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 04 March 2014 - 16:11

Hello,

Are you sure?

That is a Google ip. I am pretty sure he j just using that as an example

<snipped>

Anyways, this is a window to create a new NAT rule:

nat.png

Here is where I set my NAT ruling. I set a

Rule name (whatever I want)
Classification Virtual Server (always been like this for it to work correctly)
Incoming Interfaace wan1_ppp (My PPPoE connection)
Original IP any (This way it can come from anyone)
Mapped IP (the IP of the server)
Por Mapping Type any

Now you see there the Enable NAT Loopback. I tried to enable that but it says it doesnt allow it if the Original IP is "any" as it can lock me out (makes sense)



#6 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 35
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 04 March 2014 - 16:27

I need some sit down time with this. Meetings and bs fir work

#7 OP riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 04 March 2014 - 16:28

Hello,

I need some sit down time with this. Meetings and bs fir work

No problem. It has to be some strange NAT Loopback issue Im obviously doing incorrectly. Thanks for the helpful advice as always.

#8 episode

episode

    Neowinian Fanatic

  • Tech Issues Solved: 3
  • Joined: 11-December 01

Posted 04 March 2014 - 16:53

<Snipped>

 

Here's the on-topic question: If you are off your network, does the forwarding work? Like if you use a port tester such as here: http://www.yougetsig...ols/open-ports/ does it say open or closed?

 

If it says open, its most likely a loopback issue and you should try connecting from another location.



#9 OP riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 04 March 2014 - 16:59

Hello,

Here's the on-topic question: If you are off your network, does the forwarding work? Like if you use a port tester such as here: http://www.yougetsig...ols/open-ports/ does it say open or closed?

This is one of the first tests I did :) Indeed it says that port is open.
 
 

If it says open, its most likely a loopback issue and you should try connecting from another location.

:huh: My first post says:


Im almost sure its a HTTPS issue of some sort. Allowed NAT Loopback as well.

Then I comment:

No problem. It has to be some strange NAT Loopback issue Im obviously doing incorrectly. Thanks for the helpful advice as always.

The thing is that I KNOW its a loopback issue and I mention:

I Teamviewer to a PC outside the network, it works.

So the thing is that I know its a loopback issue, Ive tried it from another location, it works, and now I want to solve it for this, the internal network, location since I know my gateway supports NAT loopback :) Maybe I wasn't clear, if so, my mistake! :)

#10 episode

episode

    Neowinian Fanatic

  • Tech Issues Solved: 3
  • Joined: 11-December 01

Posted 04 March 2014 - 18:03

So the thing is that I know its a loopback issue, Ive tried it from another location, it works, and now I want to solve it for this, the internal network, location since I know my gateway supports NAT loopback :) Maybe I wasn't clear, if so, my mistake! :)

 

Manually set your DNS on your computer to an external address (8.8.8.8, hah), do an ipconfig /flushdns and then try it.



#11 sc302

sc302

    Neowinian Senior

  • Tech Issues Solved: 35
  • Joined: 12-July 05
  • Location: NJ, USA

Posted 04 March 2014 - 18:07

I think if you read this at the bottom it will make sense to you.

http://www.crabtree-...on-zyxel-usg20/



#12 +BudMan

BudMan

    Neowinian Senior

  • Tech Issues Solved: 106
  • Joined: 04-July 02
  • Location: Schaumburg, IL
  • OS: Win7, Vista, 2k3, 2k8, XP, Linux, FreeBSD, OSX, etc. etc.

Posted 04 March 2014 - 20:02   Best Answer

I personally never understand the use of nat reflection or loopback or whatever other term you want to use for hitting a public IP on the router from an inside IP just to be "reflected" back to inside your own network.

 

The host is on on the same network as your client box - so just setup your internal name resolution to point you to the internal IP.  This is much better solution then having to worry if your nat device support reflection or not, or if you have it enabled.  Turning on loopback and testing from box inside your network is not a valid test of a forward for starters since there might be issues from the public side in accessing your IP or port - maybe your ISP blocks the port, maybe their ISP blocks the port outbound (non http/https for example)

 

You should always validate from outside your network.  From internal just correctly setup name resolution to resolve whatever fqdn you want to use to resolve to your internal IP and now its moot if your nat device supports reflection/loopback.



#13 OP riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 05 March 2014 - 00:33

Hello,

I think if you read this at the bottom it will make sense to you.
http://www.crabtree-...on-zyxel-usg20/

Ill give this a shot Thanks.
 
 

I personally never understand the use of nat reflection or loopback or whatever other term you want to use for hitting a public IP on the router from an inside IP just to be "reflected" back to inside your own network.
 
The host is on on the same network as your client box - so just setup your internal name resolution to point you to the internal IP.  This is much better solution then having to worry if your nat device support reflection or not, or if you have it enabled.  Turning on loopback and testing from box inside your network is not a valid test of a forward for starters since there might be issues from the public side in accessing your IP or port - maybe your ISP blocks the port, maybe their ISP blocks the port outbound (non http/https for example)
 
You should always validate from outside your network.  From internal just correctly setup name resolution to resolve whatever fqdn you want to use to resolve to your internal IP and now its moot if your nat device supports reflection/loopback.

I was experiencing a bug with OwnCloud and I wanted to see at the moment if it was something internal or external :)

Sadly, it seems to be something internal and it happens on another network as well. Ill try some more tests and see if someone here has some idea on working with OwnCloud.

#14 Marshall

Marshall

    ▇ ▂ ▃ ▁ ▁ ▅

  • Tech Issues Solved: 7
  • Joined: 22-June 03
  • Location: USA

Posted 05 March 2014 - 00:56

Thread Cleaned

 

Please keep on topic and refrain from off topic comments/insults.



#15 OP riahc3

riahc3

    Neowin's most indecisive member

  • Tech Issues Solved: 11
  • Joined: 09-April 03
  • Location: Spain
  • OS: Windows 7
  • Phone: HTC Desire Z

Posted 05 March 2014 - 09:35

Hello,

Thread Cleaned

Thank you

Anyways, Ive pretty much solved it setting a hostname like BudMan said...Im doing some tests and as soon as I see it resolved, Ill mark it as solved because damn DNS are refreshing...

Now just gotta push it thru my AD (currently trying to figure that out)