Is it possible to port forward with a VLAN?

I have moved to a new place that provides an ethernet port in the wall which I have attached my router to (using dynamic IP setting). I know how to port forward with my router and it worked fine until now with a DSL connection:
My router provides 192.168.0.X IP addresses to the clients in the house. When I checked my router settings I have noticed that the default gateway and the IP address starts with 172.16 (I have connected to the router settings using 192.168.0.1), while when checking what is my external IP (through whatismyip.com for example) it shows a different IP address. I guess it means that it's a VLAN (I'm not an expert...)
When I enter the default gateway it asks for username and password which I don't have, so I guess this is the main problem. Is there a way to port forward anyways?
Thanks in advance.

the IP address starts with 172.16
That is a private IP address. Unless the port forwarding is also set up on the previous NAT router, there's no way your router can forward from public IP space.
Dual-stage forwarding is possible but requires the real public router's admin to set that up. The only alternative is via a tunnel from another public IP address (port forward from an external server/router into a VPN tunnel that you terminate).
A VLAN is nothing that can help you here.

Related

Port Forwarding Works from internet not within same network

I just obtained a static IP from my ISP and configured port forwarding on my Sercomm AOT-4221SR router.
When accessing it from an outside network it works properly and shows the webpage of my server. However, when I connect my machine to the same network within the LAN and visit the website or the static IP, it shows the router page, i.e. 192.168.0.1 (with the original website URL which I entered in the browser).
Please help me to solve this.
192.168.0.1 this is a private IP and shouldn't be used. I am guessing that you received a public IP from ISP. Use your public IP and add port forward rules for that IP to your web server IP
X.X.X.X:80 ------------> 192.168.0.x:80
X.X.X.X:443 ------------> 192.168.0.x:443 for HTTPS
X.X.X.X is your public IP and 192.168.0.x is the ip of machine where you are running webserver.
And point your domain name to that public IP. You can add entries in /etc/hosts for testing purposes
What you are looking for is NAT reflection.
It would not work, as most routers, including the Sercomm one, do not have a NAT reflection feature.
I was in the same boat as you.
What I did:
Let us assume you have 3 devices from which you want to forward ports. After adding the rules in the router, with LAN IPs 192.168.0.A, 192.168.0.B, 192.168.0.C
and your static IP is W.X.Y.Z.
Go to duckdns.org and create a free account.
Create 3 entries:
somethingdevice1.duckdns.org --> W.X.Y.Z
somethingdevice2.duckdns.org --> W.X.Y.Z
somethingdevice3.duckdns.org --> W.X.Y.Z
Now create static DNS entries as follows (I am using AdGuard instance inside a HASS instance which I am using as DNS, I created DNS rewrite rules there)
somethingdevice1.duckdns.org --> 192.168.0.A
somethingdevice2.duckdns.org --> 192.168.0.B
somethingdevice3.duckdns.org --> 192.168.0.C
Now use these URLs to access your devices within or outside your local network.

Problem facing in Home Assistant and Google assistant integration

I am having the two issues below.
The one below is observed when IFTTT makes a web request:
1. Applet skipped "If You say "Open Binny", then Make a web request".Unable to make web request: Error: ETIMEDOUT
"I am using this URL http://192.168.43.184:8123/api/services/shell_command/test_cmd?api_password=solo#123"
The one below is observed in Home Assistant when we call the service:
2. homeassistant.components.shell_command] Error running command: pwd, return code: 1
Can you solve this? Thanks
The IP (192.168.43.184) you are using in your HTTP request is a private internal IP (it will only work within your home network). You need to use your public (external) IP from your internet router (hopefully you have a public one). But even then, it will not work until you configure your router for port forwarding, so that if a request hits your external IP (and port) your router knows which server (here 192.168.43.184) should be reached. You need a port forwarding like this: if a TCP connection comes to your public IP on port 8123, route it further to 192.168.43.184:8123
But I would suggest getting a DNS entry, like from DynDNS.org, because your public IP will maybe change, and then you always have to adapt the IFTTT URLs. With a DNS entry you get rid of changing all the URLs out there. Often there is a tool which runs in your local network, checks if your public IP has changed, informs the DNS provider and updates the mapping between your DNS entry and your public IP.
You need a secure remote connection. You can use duckdns and an HTTPS cert created with dehydrated.
https://www.splitbrain.org/blog/2017-08/10-homeassistant_duckdns_letsencrypt
You can try the new tutorial https://www.home-assistant.io/integrations/google_assistant/ for google assistant connection

Get Client IP Address in Rails and Output to View

In Ruby on Rails, how can I get the IP Address of a client? I want that when a user visits a certain page, Rails gets their ip address and displays it on the screen.
In my controller I've tried:
request.remote_ip
but it is returning ::1 which to my knowledge is IPv6. I would like to get the IPv4 address of the client. How can I achieve this? I would only need to do this once per client since I'm only checking the ip address of the first device that they use to visit my page.
You can use either
request.ip that returns the ip, whether it is a local proxy ip address (localhost address) or not.
request.remote_ip is smarter and gets the ip address of the client outside of local proxies and this is the best that is an interpretation of all the available IP address information and it will make a best-guess.
(request.remote_ip) Determines originating IP address. REMOTE_ADDR is the standard but will fail if the user is behind a proxy. HTTP_CLIENT_IP and/or HTTP_X_FORWARDED_FOR are set by proxies so check for these if REMOTE_ADDR is a proxy. HTTP_X_FORWARDED_FOR may be a comma-delimited list in the case of multiple chained proxies; the last address which is not trusted is the originating IP.
Are you certain that ::1 is not sufficient? That is the local host; if you publish the site to anywhere requiring layer 3 transport it should render the appropriate IPv4 or IPv6 address respectively.
In short, if you disable your local IPv6 stack 127.0.0.1 would render.
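The right-to-left walk described in the documentation text quoted above, as an added example (a stand-alone sketch, not Rails' own code and not from the original answers). The trusted proxy ranges and the sample requests are assumptions constructed for the illustration; it also shows why a development request reports `::1`.

```ruby
require "ipaddr"

# Assumed for this example: our own proxies sit on loopback or RFC 1918 space.
TRUSTED_PROXIES = %w[127.0.0.0/8 ::1/128 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16]
                  .map { |cidr| IPAddr.new(cidr) }.freeze

def trusted_proxy?(ip)
  TRUSTED_PROXIES.any? { |net| net.include?(ip) }
end

# Parse a single address. Anything else (empty, garbage, a CIDR) becomes nil,
# so a forged header can neither raise nor smuggle in a whole network.
def parse_ip(text)
  text = text.to_s.strip
  return nil if text.empty? || text.include?("/")
  IPAddr.new(text)
rescue IPAddr::Error
  nil
end

# What a hand-rolled lookup often does: believe the leftmost entry, which is
# whatever the client chose to send.
def naive_client_ip(x_forwarded_for)
  x_forwarded_for.to_s.split(",").first.to_s.strip
end

# Walk from the socket peer (REMOTE_ADDR) outwards through X-Forwarded-For and
# return the first hop that is not one of our proxies. If every hop is trusted
# (local development, where the peer is ::1), return the farthest one.
def client_ip(remote_addr, x_forwarded_for)
  hops  = x_forwarded_for.to_s.split(",").map { |h| parse_ip(h) }
  chain = (hops << parse_ip(remote_addr)).compact.reverse
  untrusted = chain.find { |ip| !trusted_proxy?(ip) }
  (untrusted || chain.last)&.to_s
end

# Constructed requests: [REMOTE_ADDR, X-Forwarded-For]
DEV_REQUEST     = ["::1", nil]
PROXIED_REQUEST = ["10.0.0.5", "203.0.113.7"]
SPOOFED_REQUEST = ["10.0.0.5", "1.2.3.4, 203.0.113.7"] # client sent "1.2.3.4"
```

Any code that rate-limits, logs or authorizes by client address should take the value from the trusted-proxy walk, since the leftmost header entry is client-controlled.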

Can navigate to website from external network but can't from internal

So here is my issue, I have a website hosted from a virtual machine on my server and am using a dyndns service to point a url to my IP. My ISP recently set up a new modem which unfortunately has its own built in gateway and router. After fighting it to forward port 80 I tested it by trying to navigate to the site via the URL and it didn't work, then I tested it on my phone connected to cell data network and it worked! I am able to visit the site via the URL as long as I am not connected to my network. I find this very weird and cannot figure out why.
I am able to view the site on my network by typing in the local IP of the server.
Any suggestions why this might be occurring?
Yes, this is a pain. Usually your modem won't route traffic from inside that's destined for its public IP address.
When you come from outside, the traffic hits the modem from the external line, and the port forwarding rules get applied, and the traffic reaches your web server. But those port forwarding rules don't get applied to internal traffic. You're trying to browse the web server on the modem, rather than on your server.
I did once find a modem that allowed forwarding of internal traffic, but that was a long time ago, and I haven't seen one like it since. What I do these days is to use the internal address when I'm on the internal network, and the external address when I'm not. For things that get scripted, I have a little function that determines whether I'm on my local network or not, and programmatically chooses the right way to address the server.
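One way such a chooser could look, as an added example (not the answerer's function). The LAN range, both URLs and the optional public-address comparison are assumptions made for the illustration; how the caller learns its egress address is left out.

```ruby
require "ipaddr"
require "socket"

# Assumed values for this example (none of them come from the thread).
HOME_LAN     = IPAddr.new("192.168.1.0/24") # LAN the server lives on
INTERNAL_URL = "http://192.168.1.10/"        # server's LAN address
EXTERNAL_URL = "http://myhost.example/"      # name pointing at the public IP

# IPv4 addresses bound on this machine right now, loopback excluded.
def local_ipv4_addresses
  Socket.ip_address_list
        .select { |a| a.ipv4? && !a.ipv4_loopback? }
        .map { |a| IPAddr.new(a.ip_address) }
end

# True when one of our addresses is inside the home LAN. If the caller also
# knows the public address it egresses from and the public address the server
# name resolves to, both must match: 192.168.x.x ranges are reused everywhere,
# so the subnet test alone can pass on somebody else's network.
def on_home_network?(addresses, egress_ip: nil, server_public_ip: nil)
  return false unless addresses.any? { |ip| HOME_LAN.include?(ip) }
  return true if egress_ip.nil? || server_public_ip.nil?
  IPAddr.new(egress_ip) == IPAddr.new(server_public_ip)
end

# Pick the address that will actually reach the server from where we are.
def server_url(addresses = local_ipv4_addresses, egress_ip: nil, server_public_ip: nil)
  home = on_home_network?(addresses, egress_ip: egress_ip,
                                     server_public_ip: server_public_ip)
  home ? INTERNAL_URL : EXTERNAL_URL
end
```

Without the public-address comparison, a script on an unrelated network that happens to use the same range would send its requests to whatever host owns the internal address there.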
This is because your router does not support hairpinning (or does not have it set up).
From Cisco Support Community:-
The term hairpinning comes from the fact that the traffic comes from one source into a router or similar devices, makes a U-turn and goes back the same way it came.
Visualize this and you see something that looks like a hairpin.
Hairpin NAT is a useful technique for accessing an internal server using a public IP. Since you are using a public IP to attempt to access a server in your network, the traffic will attempt to go out to the internet. In order to reach the server, the traffic will need to be redirected to the correct location.
The problem is how you are doing your internal routing DNS.
You can do a DNS lookup and traceroute to see where the website name is not resolving, and whether pinging the domain (e.g. ping something.com) returns the public IP.
I resolved ours by doing policy routing on website FQDN to go through a different WAN. It's working fine. This works for those with different WAN terminating at the site.
The other way is to redo the DNS configuration in the internal network.

How to configure http://localhost:9000 to http://mylocal.loc

I'm using the Play Framework which uses http://localhost:9000 by default. I'm also trying something with Twitter and it needs to use a callback url for authentication, but Twitter won't accept http://localhost:9000 as a callback URL.
How can I configure my localhost to map to something like http://mylocal.loc, (similar as with an Apache vhost), instead of http://localhost:9000?
The problem is that the URL needed to be entered in the following format:
http://127.0.0.1:9000/twitter-callback
The above works perfectly as a Twitter callback address.
Twitter isn't trying to access localhost directly, it simply takes the above address as far as I understand, sticks it into the HTTP response header, prompting whichever browser being used to perform a straight forward 302 redirect.
The following blog post had some invaluable information in regards to this question:
http://www.tonyamoyal.com/2009/08/17/how-to-quickly-set-up-a-test-for-twitter-oauth-authentication-from-your-local-machine/
The reason that twitter can't use localhost as a callback url is because localhost is a redirect to your computer's loopback interface. In other words, localhost is always the computer that you're on. In order for other computers (including twitter) to access your host, you need to use an external IP address, or a hostname.
To get your IP address, visit whatsmyip. This will tell you your external IP address (which other computers on the internet can access). If you have a static IP address, you can purchase a domain name, or get a free one from something like no-ip or dyndns to make it easier to remember and type. You'll need to point a DNS record from that domain to your IP. You'll also probably need to do some port forwarding and stuff to get it to go to your computer on port 9000, rather than your router (dependent on your network setup).
Possibly an easier option would be to obtain a free hosting/domain service whilst you're testing.
EDIT: josef's problem was not related to the absence of internet access to his local server, see his own answer for what was going on and a solution. This answer handles the case where a local server needs to be visible from the internet.
localhost, aka 127.0.0.1 is the name that on each computer points to the computer itself. So Twitter looks at itself, obviously doesn't see the service, end of story.
If your computer is connected to a local network, most likely that network is NATed and using private addresses like 192.168.x.x, 10.x.x.x or 172.16.x.x. These addresses are private (not known outside of the local network because not routed on the internet), so that doesn't help you either.
What remains is your public IP address, i.e. the address your router gets from your ISP. Via DNS you can map that address to a name; a free service that allows you to map a fixed name also to a variable address is DynDNS.
But wait, there is more! Your router protects your network by not allowing traffic originating OUTSIDE the private network IN, unless you define some forwarding rule in the router, in your case a rule that forwards incoming tcp traffic on port 9000 to your machine's port 9000.
Once all that has been taken care of, your computer will be accessible from the outside, and your callback should work.
Edit your hosts file and add the following line:
127.0.0.1 mylocal.loc
For Windows, it is located in C:\Windows\System32\drivers\etc\. On *nix, you can find it in /etc.
