# Opening up to the outside world. [solved]

## pappy_mcfae

I'd like some information on how to allow people into my web server. I want to experiment with getting a server online. Before I get the RTFM, I don't want to do it if it's going to piss off Earthlink. That's why I'm asking here first.

Here is my net setup:

DSL modem --> Wireless AP --> 8 port switch --> Machines.

Private IP: (for now, anyway) 66.167.95.95

DSL IP: 192.168.1.1

Wireless IP: 192.168.0.1

Machine in question: 192.168.0.130

DSL modem: ZyXEL P-660R-ELNK

W/L Router: D-link WBR-1310

Switch: Belkin F5D5131-8

Any help is appreciated.

Blessed be!

Pappy

----------

## downer

Hi,

You should be able to do it by just forwarding port 80 to the correct machine.

(if you're lucky  :Wink:  )

//D

----------

## pappy_mcfae

Yes, I know that part...the how is what I don't know. I can get to the insides of the DSL modem and the wireless AP. I just don't know what to put where in which to make it go. 

Blessed be!

Pappy

----------

## keyson

Have a look on this page

http://www.portforward.com/english/routers/port_forwarding/routerindex.htm

And se if you can find your router (AP) in the list.

This gives you info about what to put where.

----------

## pappy_mcfae

Thanks...I set up the numbers. Unfortunately, I can't tell if I'm visible or not. When I log into my posted IP address, I get the DSL modem. I need someone to see if they can get my rather dull looking web page on the other side. If so, then I have done the deed. 

I have Wireshark up and running, so if anyone happens along on November 4, 2008, at approximately 14:00 hours CST, pop in that number, 66.167.95.95, and see if you can see my dull files download page, and the link...and tell me here.

Thanks

Blessed be!

Pappy

----------

## wuzzerd

No go with the browser.  Nmap shows this:

```
Interesting ports on 66.167.95.95:

Not shown: 994 closed ports

PORT     STATE    SERVICE

21/tcp   filtered ftp

23/tcp   filtered telnet

80/tcp   open     http

443/tcp  filtered https

1720/tcp filtered H.323/Q.931

8080/tcp open     http-proxy

```

Can't reach the other ports either.

Hmm.  Can ping ya.

----------

## pappy_mcfae

I believe the fact that port 80 is open is a good thing. The question is, since I can forward ports with both the DSL modem and the wireless AP, should I forward BOTH to the machine in question, or should I only forward the IP address with the DSL modem or the AP? 

Still working on it...

Blessed be!

Pappy

----------

## keyson

You need to forward the port from your zyxel modem that also is a router to the address of the

input port on your wireless access point (that also is a router). As both work as firewalls.

66.167.95.95 -->modem 192.168.1.1--> <-- 192.168.1.2--( AP)  192.168.2.1--> <---192.168.2.2 computer

Don't know your network addresses but if it looks like the above. 

Forward port 80 in the modem to 192.168.1.2 that is the input of the netgear AP.

Then in the netgear forward port 80 to 192.168.2.2 that is your computer.

The IP addresses may not be right, but I think you get the picture.

----------

## pappy_mcfae

OK...I think I got that right now. Can we all retry? 66.167.95.95.

Blessed be!

Pappy

----------

## keyson

NO,

You have opened the config server in the zyxel modem on port 80 out on the net. Don't do that.

```

80/tcp   open     http           Embedded Allegro RomPager webserver 4.07 UPnP/1.0 (ZyXEL ZyWALL 2)

```

EDIT: Sorry, bed time her.

----------

## wuzzerd

Well at least I get this now:

```
P-660R-ELNK

   

   Enter Device Password and click "Login" to continue.

   

      Password:   

Login     Cancel
```

Edit: which probably is your modems web interface

----------

## pappy_mcfae

It probably is. I am starting to think that my ISP doesn't like to have such things happen. 

Blessed be!

Pappy

----------

## pappy_mcfae

 *keyson wrote:*   

> NO,
> 
> You have opened the config server in the zyxel modem on port 80 out on the net. Don't do that.
> 
> ```
> ...

 

So, what do I do instead? It's closed now...

Blessed be!

Pappy

----------

## Hu

Most ISPs disapprove of servers because typical server usage patterns consume much more bandwidth than a simple client would consume.  You need to configure the DSL modem to forward port 80 from its public IP to 192.168.0.130:80.  If your wireless AP tries to do NAT as well, then this is harder.  I suggest turning off NAT on the wireless AP, since it serves no purpose with the DSL modem already doing NAT.

You may be able to test the configuration by using an anonymous browsing service, since that will result in the connection coming back to your network from the outside.

----------

## pappy_mcfae

I am starting to wonder if the problem is deal-with-able without asking Earthlink for permission to put up the server...which translates into more money. I don't see any harm in trying.

Blessed be!

Pappy

----------

## pappy_mcfae

Ok, I got it to work! My IP address has moved, but I got it working! NICE NICE NICE! WHEW!

A great thanks to Hu. Your ideas helped me get to the world. 

Blessed be!

Pappy

----------

