http:// works from LAN but not WAN only https://

[nordis]

Hi all
I have a problem with access to my webserver, from the LAN i can do http://nordis.homelinux.net and I get to the webserver pages but from the outside only https:// works.
I run shorewall on the same server and I have set Allow Web AND ACCEPT http,https all -> fw but why don't http:// work from the outside?
_________________
emerge the world

Bojan · Posted: Sat Apr 16, 2005 3:11 pm Post subject:

What happens if you shut down iptables. Just to make sure it is a problem with the firewall.
Did you type your IP in DNS record in your sitelutions account correctly ??

[nordis] · Posted: Sat Apr 16, 2005 3:16 pm Post subject:

I have the address reg'd at dyndns and updates with a perl script
I haven't looked in to if it works when I shutdown shorewall, I'll try that
_________________
emerge the world

Bojan · Posted: Sat Apr 16, 2005 3:22 pm Post subject:

DNS query doesn't find nordis.homelinux.net.
Did you create this subdomain very recently ??? Perhaps you should just wait for a couple of hours ...

Bojan · Posted: Sat Apr 16, 2005 3:24 pm Post subject:

Aha, dyndns ... I forgot ... same thing.

[nordis] · Posted: Sat Apr 16, 2005 4:04 pm Post subject:

my real IP is 83.216.100.99
_________________
emerge the world

Bojan · Posted: Sat Apr 16, 2005 5:56 pm Post subject:

I can see that now nordis.homelinux.net resolves to your IP, but I still can't acces your webpage. Can you post your iptables rules.

Bojan · Posted: Sat Apr 16, 2005 6:01 pm Post subject:

Ammm ... and the result of

[nordis] · Posted: Sat Apr 16, 2005 6:58 pm Post subject:

Bojan · Posted: Sat Apr 16, 2005 7:29 pm Post subject:

If there there is no previous rule blocking port 80 there should be no problem with iptables, which is obvious. Are there really no previous rules referring to port 80 before chains AllowWeb and net2fw ??

Is there a hardware router with a firewall enabled between outside world and your server ???

Bojan · Posted: Sat Apr 16, 2005 7:46 pm Post subject:

What does the

# grep -e Listen -e BindAddress /etc/apache2/conf/apache2.conf

say?

mekong · Posted: Sat Apr 16, 2005 8:45 pm Post subject:

His netstat output shows apache process with same PID listen on both ports 80 443, so I think nothing wrong with his apache config. I think it's his ISP blocking port 80 to outside. Some ISP don't allow servers.

Bojan · Posted: Sat Apr 16, 2005 9:02 pm Post subject:

Mekong, I think you are right.
This must be very frustrating ...
Perhaps there is a workaround through dyndns setting - Webhop / Redirect URL. I am not sure if you can redirect it to another port than 80 ... but it is worth trying.

Bojan · Posted: Sat Apr 16, 2005 9:20 pm Post subject:

http://support.sitelutions.com/?_a=knowledgebase&_j=questiondetails&_i=43