Cant ping my Netgear static and public IP from remote - ping

I am using Netgear dgn1000 router. I cant able to ping the public static ip address assigned to my netgear router from external computer. For testing, i have allowed all inbound services in firewall rules.

Go to the router's web interface, select Advanced > WAN Setup, then enable Respond to ping on internet WAN port
If this does not help, then the external network filters out ICMP echo requests, bit this is very unlikely.

Related

Caddy on LAN only

I am trying to setup a reverse proxy with Caddy, I also want to use subdomains to point to my different services, so I bought a domain but the domain can only point to an ip-address, and my routers ip-address is not static so to solve that I registered a subdomain on Duckdns and that subdomain is pointing to my routers ip-address all the time, the subdomains on that I payed for have DNS set to point to Duckdns and I have opened port 80 & 443 on my router to point to my server machine that is running Caddy, the caddyfile simply have the domains I payed for point to localhost services.
It works but only on LAN, outside it does not work
If your public IP address is not the same as nslookup mydomain.duckdns.org; the problem is DNS. check your dynamic DNS
client's configuration file for inaccuracies. Restart your router and trial that it works as expected
If the IP addresses match, but you cannot make access from outside the network, its a port forwarding issue. Check port forwarding rules on your router, and opened ports on your server.
sudo ufw status verbose and sudo ss -ltnp are helpful server commands.
If the IP addresses match, but you cannot make access from inside
the network, hairpin NAT is the issue. This is a router issue. Buy
a more feature complete router from your ISP, or setup a local DNS
server to resolve this minor annoyance.
[Using your phone, enable WiFi for 'inside' type testing; disable WiFi for 'outside' type testing].

Direct ping to a server not working, but via another server?

Have a small question..
I got below two ips from my team-mate...
G/W Details: 172.27.180.201 (abc/xyz)
Server Details: 192.168.40.132 (abc/xyz).
When I ping to 201, it goes fine. But ping to 132 didnt work.
Now if I do ssh to 201 and from there I ping to 132, then ping works fine.
So I am thinking what kind of changes I have to do in my Linux-machine(Any static route ??), so that I can directly ping to 132 machine ?
Please help me and let me know if I need to provide any other output details...
Thanks.
The 2 machines (G/W & Server) are in different networks since they are using different private IP address ranges.
Private IP address ranges are as follows:
Class A network 192.168.0.0 - 192.168.255.255 (65,536 IP addresses)
Class B network 172.16.0.0 - 172.31.255.255 (1,048,576 IP addresses)
Class C network 10.0.0.0 - 10.255.255.255 (16,777,216 IP addresses)
Since you can ping G/W:
you are either in the same network and have a class B IP address
you are in a different network which has access to G/W's network by some means (gateway, vpn tunnel etc.)
G/W can ping Server because it has access to Server's network (or Server itself) by some means (gateway, vpn tunnel, firewall etc.)
Disclaimer: I'm not a network expert, my jargon maybe not appropriate :)
172.27.180.201 should do NAT for you.
Or 192.168.40.132 add route.
You can't access 192.168.40.132 only changing your host.

Using DNS with Linux Server

I have apache, php, mysql, etc. setup on my 16.04 linux ubuntu server. I can access the webpage I have createdin /var/www/html/index.php using 10.0.0.8 now I want to use a domain name or even an IP address to access the server off of a local connection and on another internet connection. What do I have to do to do this I have no clue and I have no clue what to google to find out.
You should buy a domain name from a provider such as GoDaddy and assign it to your public IP address. Visit a public "What's my IP?" site to find your public IP address or look in your router settings to see what address was provided by your ISP. You'll probably have to enable port forwarding on your route for port 80 to 10.0.0.8.

How to set a name for Apache server?

I created successfully a apache server but I dont want to connect to it by typing 192.168.0.102, I want a normal url like www.google.com. How can I do that? I went to httpd.conf and found the ServerName line but setting it to something like www.mysite.com doesnt seem to work. I also tried to use my external ip(https://www.whatismyip.com) as server name but it doesnt connect. It only works if I try to connect to 192.168.0.102 or localhost. How do i solve this? Thanks
There are three basic things you need to know.
Virtual name hosting
HTTP allows multiple websites to be hosted on the same IP address and port. The client uses the Host request header to tell the server which site it wants to get data for.
ServerName is used as part of this.
… but the client needs to know how to send a request to the server first.
DNS
When a client makes a request to a server, it uses the IP address of the server in order to allow it to be passed over the network (or networks) to it. It is the address.
IP addresses are sequence so of numbers, which aren't very friendly for humans to work with.
DNS translates friendly names (like www.example.com) into IP addresses.
The client has to look up the name to find the IP address. It normally does this through the main DNS system, and in order to get your name linked to your IP address you will need to find a domain name registrar and pay them.
It is also possible to set up DNS at a local level on a private network, and on a computer-by-computer level using a hosts file.
Routing
The IP address of the server has to be routable from the computer the client is running on.
192.168.0.102 is a private address, accessibly only on the same LAN. To make it accessible to clients on the Internet you need to either:
Set up your router to use port forwarding and then use the Internet facing IP address of the router (which https://www.whatismyip.com tells you) or
Give your computer a public IP address and configure your router to route traffic to it (this generally isn't possible on consumer grade routers).
In short, you can't. 192.168.0.102 is not accessible from the Internet it is internal IP.
But you have some alternatives, like if you like to access your computer from a hostname you can use dynamic DNS servers.
Or you want to test your code on a spectacular domain, you can add 192.168.0.102 with a domain to your hosts file, then only you can use this domain with your local computer.
But, If you really want to serve some content to the Internet from your local computer you have to find a DNS server service (like cloudflare) to point your domain to your public Internet ip not to 192.168.0.102.
You configure the virtual host and set the server name to the domain name you want. After that, Apache will check the requests and will use that virtual host if a request was made for that domain name. In order for that to work, that domain should point to your IP address where the server is running.
If you want to test if the configuration works, edit your /etc/hosts file and add that domain name to 127.0.0.1. After that you will be able to access to that virtual host if you try to access to that domain name from your browser.
More info here : https://httpd.apache.org/docs/current/vhosts/name-based.html

Why is connection failing when port-forwarding with dynamic dns in same network

I have a MySQL database running on my raspberry pi.
To access it I use dynamic DNS (duckdns) when I am outside of my network, but I would like to access it with same dynamic domain name when I am inside my network. However it is not working and I always get connection refused.
I would like somehow enable it so I do not have to change in app.config MySQL server address from my dynamic domain to localhost when I am inside my local network.
You'll need a gateway router that supports NAT hairpinning. Many consumer-grade units (and some supposedly commercial-grade equipment) doesn't support this. Either yours doesn't, or you need to find an option to enable it.
When you try to connect to the public IP address from inside the network, the router probably assumes that you want to connect to the router itself.
My cable modem's built-in router at home understands how to do this. When I access my server from the laptop, and connect to the public IP from inside, the router (inside the cable modem) does a transformation on the packets so that my server sees my connection coming from the router's IP address, not my laptop's IP address.
This is what has to happen, because when the server responds, it will respond to the machine that connected to it. If it responded to the laptop's address, the laptop would reject the traffic, since it would be coming from ther server's internal IP, which is not the IP address I connected to. So, it responds to the router, which does a second transform on the packet address, replacing the server's internal IP with the external IP. Remembering the session from previous traffic, the router then sends the packet back to the laptop.
Ultimately this setup can't possibly work for you without the complicity of your router, which may not have that capability.
Some routers, however, have a DNS proxy that will allow you to create static entries. My former DSL modem could not hairpin NAT connections, but it had a way to create DNS entries that would be used to respond to internal DNS queries for a specific host... with a different IP than the one that DNS otherwise provided. That's an alternative workaround if the router supports it.