I have one linux server which has one public ip. I have deployed one webapp which I can access using internal ip address like - http://[internal_IP]:8080/blackbox/Index.jsp which works. but when I try to access the same from public ip http://[public_IP]:8080/blackbox/Index.jsp, it does not work. Can you please suggest how can I make it work?
Make sure Tomcat is listening on your public interface by:
netstat -an
Listening on *:8080 is ok, but 127.0.0.1:8080 means it is only listening on the local loopback interface.
Also check your topology. There can be a local firewall software stopping incoming traffic. Also if you are behind a NAT, the port has to be forwarded to your macine.
If you're using a consumer grade router, it might be the problem. I've come across way too many cheap routers that got confused when you tried to connect from your LAN to your external IP... But it all works fine if you connect from outside your LAN.
So check that other networking services or such work if you connect using your external IP.
It can be your linux firewall, or your router is not portforwarded for this service.
Related
Well I'm running ssh server on my laptop which I'm portforwarding to my router and I assume that I can now connect through my routers ipv4 and port in order to tunnel back to my laptop but it doesn't work like that does it.
Can someone explain to me what I need to do in order to make this work. Simply please I don't want to get confused and I know this is a noob question but I went straight to other things instead of learning some basics and now I'm feeling the consequences lol.
Depends from where do you want to access your laptop. If it's just from your local network or LAN, you don't need to setup anything on the router. If, however, you want to access it from the internet, you need to setup port forwarding on the router, but probably also set it up with your ISP.
SSH server setup
SSH server normally runs on port 22 (SSH port). At first your laptop's firewall blocks all incoming traffic! So in order allow people to access your laptop through SSH, you need to tell your firewall to allow incoming traffic on port 22. Also, if you haven't already, set a static IP on your laptop so that you can configure the router for port forwarding and access your laptop easily. And make sure to exclude the static address from the DHCP range (so that your router doesn't your static IP to another device).
LAN connection
In case of SSH connection only on your local network, all you need is the local IP of your laptop. That's it.
WAN connection (internet)
So first, of course, you need to enable port forwarding on your router and specify the port 22 and your laptop's local IP address. But you need to know how are you connected to the internet. Because, ISP's can have an intermediate layer (or layers) network. And this network eventhough is way bigger than you home network is still a private network, and uses private IP addresses. So in order to access your laptop through the internet, you have to talk to your ISP. And the final public IP is the one you would need to access the SSH server.
I am a novice at networking, I have a NodeJS server running with server.listen(3000, '10.0.0.7'); and have forwarded port 3000 with the internal IP address of my server being 10.0.0.7. I can connect from another machine on my network by putting in the browser: 10.0.0.7:3000. It is my understanding that my external IP address should connect me to the router which should then forward me to the server I have set up on 3000.
Am I missing something important? Because I am unable to connect via the external IP address.
Also please note that my firewall is disabled.
I am neither a network expert so excuse me if I use any incorrect terms. In my understanding, you are right about the current configuration, however you are missing the last step. By default, your router makes your LAN unreachable from a so called “external ip”. Just for the definition: external ip in this case is every ip that is not in your LAN. Imagine if your router would allow any communication without you explicitly giving permission. Every open port on your LAN would be available for the network that your router connects to. That is definitely not desirable.
Lets look at it with an example, quoted from this article:
your router has an ip of: 5.6.7.8 if you access it from outer network (internet)
your router has an ip of: 192.168.1.1 if you access it from your LAN
your laptop is in your LAN and has an ip address of 192.168.1.10 and you want to expose port 3000 from your laptop to the outer network (internet)
You have 2 options:
You can expose the port via the configuration of the router (e.g.: you map 5.6.7.8:3000 to 192.168.1.10:3000 in the router configuration and now it will be accessible from the outer network on 5.6.7.8:3000. Note that you can choose any free port, ports don’t have to match.). Of course it is only possible if you have the option to configure the router and you are willing to do so. (e.g.: if you are not in a café)
You can use some tunneling tools like Ngrok or OpenSSH, which make a direct tunnel between the external machine and your server. This can also work if you don’t have the ability to change the router configuration.
Hope I was able to help. Good luck.
I have built a d3.js dashboard that ties into a tornado websocket. Everything works perfectly locally. I now would like to have the ability to share the websocket with a few friends, nothing production. Is there a way to do this without a big deployment on Heroku or other similar service? I've googled and can't seem to find an answer. Thanks
Not specific to Tornado. This is more of a networking question.
What you want to do is:
Run your server on your computer.
Connect to the internet.
Note down your public IP address.
Give your IP address to your friends.
Certain things you need to take care of:
Run your server on a higher, non-standard port (e.g. 8000 would be good) because ISPs block traffic to port 80 and other standard ports.
The IP address assigned to you by your ISP will most probably be dynamic. That mean, every time you diconnect and reconnect to the internet, your IP address will change.
Turn off your computer's firewall to let in the traffic at whichever port your server is running.
Finally, you'll need to configure port forwarding on your router. What that means is all the incoming HTTP requests will arrive at your router at your public IP address. But your computer where you'll be running your server will have an internal IP address assigned by your router. So, you'll need to forward incoming requests to your computer's internal IP.
I'm currently working on a project where I use a raspberry pi as a server for a home automation server. It works fine on my local network but if I want to use it from an external computer I need to forward the used port on my router.
I'm trying to find a way to make http(s) gets to the server without having to forward the port on the router. I want this because if I would install the system at someone's place (a customer maybe in the future) I don't want to have to access their router.
I've tried using SSL and https but I ran into the same problem.
Is there any way this is possible or is it a lost case?
PS I can't use port 80 since it is already in use.
Thanks in advance
There are two ways to get to the result you want:
Port forwarding, which you've dismissed
Giving the raspberry pi it's own public IP address (which requires a public IP address and access to the router to configure the traffic routing, which you've dismissed).
So let's go back to port forwards.
Most consumer routers these days support NAT traversal via uPNP.
You can use the nat-pmp module to reqest the the router forward a port for you, without having to have direct access to the router.
I have the below the setup.
1)Desktop with windows 8 64bit os & Iam using net gear router connected to my desktop via Ethernet cable.
2)Currently iam using public ip or static ip(ex:123.45.67.890)from my isp.
3)Installed virtual box
4)Installed oracle linux 6.5 in virtual box
5)Installed oracle ebs.in virtual box
6)Virtual box network mode:bridge
7)My netgear router ip range 10.0.0.1 to 10.0.0.20
8)Assigned static ip in oracle ebs(10.0.0.30) with port 8000.
(note:the given ip is not in my router ip range)
9)Added host details(10.0.0.30 ebs.example.com) in my windows system32-->drivers-->etc folder-->host file.
Iam able to access url(http://ebs.example.com:8000) and I can ping ip of oracle ebs(10.0.0.30) from windows 8.and everything is fine.
My requirement is
10)I want to access the same url http://ebs.example.com:8000 from outside of my network.(eg:outside of my city or town).
(Note:I already tried by portforwarding 10.0.0.30 with port 8000 in my router but there is no luck)
Please can anybody help me on this request.
Virtualbox network interface in bridge mode is transparent to the router. It creates the virtual adapter in software mode and uses injection on your VB host network adapter to have the job done. It means that the router will see your VM as it does for any other computer, like if your VM were directly connected to the router. At this point you should assign a IP on the VM that's on under router IP range to avoid routing/permission/port translation problems.
Sure you will need port forward on the router but for testing purposes try to set the VM IP as DMZ on the router. With this setting all requests from outside world on any port will be redirected to the DMZ machine. If it works you can go more restrictive and forward just the needed ports.
Many ISPS blocks common server ports, like 8080. You must make sure you're using a port not blocked by the ISP. For this try setting up a service on a not common port (like HTTP on port 49010 or whatever port not listed by common services), and test it. If it works change the service to the desired port (8080), if it stops working it probably means that ISP is blocking port 8080.
You will not be able to access your VM from internet using such address like http://ebs.example.com:8000 or any other FQN in a simple manner as it does need DNS translation. Its possible doing so but you will need to buy and register some FQN and then find some service that offer DNS over Dynamic IP. Not sure what you mean by public or static IP because a static IP can be also public. In case you have a static IP you will not need specific services for dynamic IP but just the usual structure: Buy a domain name, buy or use own registar DNS servers to have a working FQN pointing to your IP.
Another approach is using a non FQN redirection service commonly used for dynamic IPs but that will work on static IPs also like DYN DNS, No-ip or any other.
With a static IP you dont even need some FQN. You can just use your IP directly like 123.45.67.890:8080 when need connection from internet.