Results 1 to 5 of 5
  1. #1
    Master Untangler u3b3rg33k's Avatar
    Join Date
    Nov 2008
    Posts
    234

    Default Can't access own IP via web browser

    I have untangle in router mode, with NAT'ed web, ftp, mail, and ssh servers behind it.
    I can check my email from inside (name resolves, and test emails get through), but when I try to visit my own IP (the IP that Untangle has) from the web browser, or any of the domains I host, I can't access them from behind untangle. they load just fine from the outside, and my cell phone and others can see them.

    I'm sure i'm missing something obvious. Help please?

  2. #2
    Master Untangler u3b3rg33k's Avatar
    Join Date
    Nov 2008
    Posts
    234

    Default

    Oh, I am using an external DNS service, so it's not that I forgot to set up DNS. i can ssh to myself, and ftp. So it seems it's only http that doesn't work.
    Last edited by u3b3rg33k; 12-02-2008 at 01:32 PM.

  3. #3
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,491

    Default

    Go adjust your NAT rule that forwards port 80. Make sure it has a destination IP set to the external IP that is publicized in DNS for your domains. Make sure you have a destined local rule, and then look finally at the source interface rule... I'm willing to bet you have external checked, you need internal too!
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

  4. #4
    Master Untangler u3b3rg33k's Avatar
    Join Date
    Nov 2008
    Posts
    234

    Default

    You, sir, are quite correct. It works now, and it would appear that UT is smart enough to not apply QoS rules to this bandwidth.

  5. #5
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    26,491

    Default

    Glad you got it up!

    The 2 common mistakes with port 80 forwarding...

    1.) you need destined local, AND you need destination IP

    These two checks ensure that the only port that is forwarded is the port 80 bound to the specific IP address that is located on the Untangle platform that you've assigned to your web server publicly. If you don't do this, IPTables will try to forward 80 on ALL interfaces and IPs assigned to Untangle... which conflicts with the internal web service serving up the HTTP management and the nice block pages.

    2.) That darn internal box.. and VPN in cases for that matter.

    This setting tells the untangle what interfaces the traffic is allowed to enter the Untangle from. If you don't check the appropriate box the rule is never fired and the traffic is simply not forwarded. It will land on the external interface and drop into the proverbial bit bucket.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2