accessing to router

Discussion in 'Linux Networking' started by alanford, Feb 9, 2012.

  1. alanford

    alanford Guest

    How can i access my local IP from outside of my local network.
    The main thing is that i dont want to use ddns service of my router.
    The port is open and the dmz is set.

    e.g. if this is the ip of my router -12.34.56.78- and if this is opened
    port - 3000 - then when i enter this info in web browser i should land
    on local IP.
     
    alanford, Feb 9, 2012
    #1
    1. Advertisements

  2. alanford wrote:
    [...]

    e.g. if this is the ip of my router -12.34.56.78- and if this is opened
    Errm, the just forward that Port to your local IP address
    an make sure someone is listening on it.
    Your not feit from your Provider changing IP address, though.

    Sorry, what was your question ? :p


    -rasp
     
    Ralph Spitzner, Feb 9, 2012
    #2
    1. Advertisements

  3. alanford

    alanford Guest

    Errm, the just forward that Port to your local IP address
    *** I made this, but like i write i can not access it.

    Your not feit from your Provider changing IP address, though.
    *** this should not be a problem
     
    alanford, Feb 9, 2012
    #3
  4. alanford

    Tauno Voipio Guest


    'Can not access' is not a good diagnostic.
    What happens really (not just imagined)?

    Use a network sniffer, e.g. tcpdump or Wireshark to capture
    the traffic with responses. If you cannot interpret the
    results, post them, so we can try to help you.
     
    Tauno Voipio, Feb 9, 2012
    #4
  5. alanford

    alanford Guest

    -----------------
    wireshark is really very nice tool.
    What information do you need and for should i setup the wireshark.

    192.168.1.222 is the local ip where i want to connect myself when in
    accessing my local network from internet, and this ip is opened, dmz-ed
    and forwarded.

    D-Link_dc:51:2c Broadcast ARP Who has 192.168.1.222? Tell 192.168.1.1
     
    alanford, Feb 10, 2012
    #5
  6. alanford

    Tauno Voipio Guest


    192.168.x.y is a RFC 1918 block address, which is not allowed to
    be forwarded in the public Net. It is absolutely correct that you
    cannot (and should not be able) access it from the outside.

    To access something in the internal RFC 1918 network from the outside
    net, you have to use the IP address on the outside network interface
    in the router and do an address translation in the router, usually
    called port forwarding.
     
    Tauno Voipio, Feb 10, 2012
    #6
  7. alanford

    alanford Guest

    you have to use the IP address on the outside network interface
    in the router and do an address translation in the router, usually
    called port forwarding.
    *** Thank you Tauno but like i write before, i have done this part.
    My router has three possible options:
    DMZ
    open port
    port forward

    btw. there no NAT settings.
    -------------
    I set all this to the local IP ( 192.168.1.222 ).
    OK. i agree with you that i can not access this IP.ΕΎ

    IP address on the outside network interface in the router
    ** if i understand you right you are suggesting that i take one public
    ip address ( i own one and it's the address of my future dns server) and
    to put this IP into router.

    Then to put this ip into port forward list and point to some local port
    (e.g. 3434 )

    I hope i understand you correctly.
     
    alanford, Feb 11, 2012
    #7
  8. alanford

    Bit Twister Guest

    In a nutshell:
    If you want any inbound connections to hit your router, they will have
    to use your router's Internet ip address (89.201.136.173).

    To hit any ip on the LAN (192.168.1.xx), you will have to use port forward.
     
    Bit Twister, Feb 11, 2012
    #8
  9. alanford

    Jorgen Grahn Guest

    Or wait for IPv6, where all of this is a non-issue.

    /Jorgen
     
    Jorgen Grahn, Feb 11, 2012
    #9
  10. alanford

    alanford Guest

    -----------------------
    To hit any ip on the LAN (192.168.1.xx), you will have to use port forward.
    *** :) . I wrote this in the first post. The port forward is set and
    dmz also. The problem is that i have to check which IP should i enter.
    As Tauno has suggested "you have to use the IP address on the outside
    network interface in the router and do an address translation in the
    router".

    Simply:
    which address is the address od the outside network intrface
    (89.201.136.XXX ? ) and which is the LAN address that i can port forward.

    What address should i put into port forward list ?
     
    alanford, Feb 12, 2012
    #10
  11. alanford

    Bit Twister Guest

    According to your header, your "outside network interface" ip is
    89.201.130.134 at this time.
    You put the ip address of the target system you wish the port to be
    forwarded to.


    Example: you tell the router to forward the ssh port to 191.168.1.200.

    You then do a ssh [email protected] and you should see an ssh
    attempt at the ssh port on 191.168.1.200.
     
    Bit Twister, Feb 12, 2012
    #11
  12. alanford

    alanford Guest

    This are the setting in my router:


    Port redirection part
    ---------------------
    Comment:
    Internet port: 80
    Local port: 3333
    Protocol: TCP
    Local computer: 192.168.1.253


    Open port part
    ----------------
    Enable open ports - checked
    Comment: this is ip where i will put my dvr or pc
    Local PC: 192.168.1.253
    Protocol: TCP


    DMZ
    dmz enabled - check
    DMZ Client IP : 192.168.1.253

    Where should i define the outbound address ?

    Those three options are the only options where i can change something.
     
    alanford, Feb 13, 2012
    #12
  13. alanford

    Bit Twister Guest

    Why are you asking about the outbound address?
    Your software listening on port 3333 on 192.168.1.253 decides what
    port it wants to use for outbound connections.

    From what I see, you should be able to run wireshark on 192.168.1.253
    and put something like 85.114.42.50
    in your browser. Your router should see the inbound attempt at port
    80, redirect the packet to 192.168.1.253 port 3333 and whatever is
    listening on 3333 will do whatever it wants with the request.

    wireshark should show you the in/outbound packets.
     
    Bit Twister, Feb 13, 2012
    #13
  14. alanford

    alanford Guest

    --------------------------
    This are the setting of my video recorder connected to my local network:
    192.168.1.250
    255.255.255.0
    192.168.1.1
    dns: 85.114.42.51
    This is where i need to connect from internet, throe my router.
    Video recorder has normal network card, as any computer.
    ------------------------------------------------------------
    I have also tested with my local PC located on 192.168.1.11 and this is
    the result.The settings in router are the same as for video recorder but
    250 is changed to 11. DMZ,open port, port forward.

    62235 59211.598950 192.168.1.1 192.168.1.11 TCP http > 55964 [ACK]
    Seq=695 Ack=416 Win=2100 Len=0

    63161 59478.373130 91.123.204.56 192.168.1.11 TCP 5938 > 59301 [PSH,
    ACK] Seq=7205 Ack=7271 Win=66304 Len=5 TSV=670499247 TSER=14974283

    63398 59652.468703 85.114.34.28 192.168.1.11 TCP pop3s > 34332 [FIN,
    ACK] Seq=3999 Ack=756 Win=4961 Len=0 TSV=2055748525 TSER=15017834
     
    alanford, Feb 14, 2012
    #14
  15. alanford

    Bit Twister Guest

    If 192.168.1.250 is something like mythtv backend, you do not want to
    limit port connections. If you are trying to just hit the web server
    then just forwarding port 80 should be ok.
    Ok, I'll guess that is a result of you putting your internet address
    into your browser or a script kitty script hitting port 80.
    There is a packet from somewhere in Sweden.
    Guessing that appears to be a connection from your ISP's email server.

    It is kinda hard to see what is going on when 192.168.1.11 apps are
    chatting on the net.

    With wireshark in the promiscuous mode on 192.168.1.11, and set to
    watch for 192.168.1.250 packets only, you should be able to have the
    router forward to 192.168.1.250 and see activity when you try to
    connect to the video application from 192.168.1.11.

    If you see packet activity but no application operation then I would
    have to guess firewall/video access restrictions on 192.168.1.250
    causing the malfunction.

    By the way, you can get your internet ip with something like
    wget -nv -O- http://cfaj.freeshell.org/ipaddr.cgi
     
    Bit Twister, Feb 14, 2012
    #15
  16. alanford

    alanford Guest

    *** it's just video recorder with built in sw. You can watch it per firefox.

    I will send you e-mail.
    Take a look when you find time.
     
    alanford, Feb 16, 2012
    #16
  17. alanford

    Bit Twister Guest

    I have a few network tuners managed by mythtv for recording over the
    air tv. :)
    Heheh, you might want to "ping -c1 mouse-potato.com" and check the ip
    address. :-D
     
    Bit Twister, Feb 16, 2012
    #17
  18. alanford

    nescafe Guest

    :) I forget about that :)

    Can you pass mail addr.?
     
    nescafe, Feb 17, 2012
    #18
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.