Making server public
 

Hi...im sure this might have been asked before and im pretty sure its a dumb question to ask. but here goes because i do not know and i cant find any answers anywhere.

How do i get my web server public so that people outside our LAN can view what i have on the server?

Im running Debian GNU/Linux with apache 2.0.53, php5 and mysql5 (dotdeb.pimpmylinux.org installation).
i just dont know how to get the damn thing pucblic.

please help is really required.

Looking at your quote earlier: Am I right in thinking you don't have much experience with GNU/inux? If so I would suggest you first secure and harden your box before it turns into another spam fountain.

EDIT: Posted late... so... once, you've hardened your setup ;)

If you have a domain name, you can use a dynamic DNS provider (www.dyndns.com, etc.) to get the domain pointing at your public IP address from the internet. Once that's done, if your public IP address is on a firewall/router, you need to forward port 80 (maybe 443, 8080, etc. as well) to your web server.

I assume you're already using your domain name on your LAN so maybe your web server won't need configuring to be accessible...

no im not using my domain name on the LAN. so what configuration would i need on the server side. port 80 is alreadt being forwarded and i already have registered a dns at dyndns.com but it keeps pointing to our gateway address if you type it in the address bar.

and yes i dont know much about GNU/Linux. ive just started because windows is giving me too much trouble.

what would you suggested for firewall, what anit-spam and anti-virus?

Note that any testing you do will need to be from a machine outside of your LAN.

ok that wont be a problem...but might i ask why?

Testing my memory here stryker, but as I recall, most routers don't let you out and then back in (if that makes sense). Either it simply won't work or you'll be seeing the internal view. Given that your firewall rules probably differ for internal traffic vs external, server access may vary by access, etc., you won't know if it works externally properly or not.

I hope that makes some sense, and there may be those who'll tell you it's a load of bollocks, but I had issues at first with exactly this problem.


Rgds

i understand what you saying....but how do i get it can be accessed from outside the LAN.

Can I ask what brand and type router you have? Could help diagnostics.

its a ZeXel prestige router

ZyXEL Prestige660R-61C to be more specific

The problem has nothing to do with your linux box, and everything to do with your router and its configuration.

You said you can see the site from on your LAN (probably by its LAN IP address), then it is working fine. All you need to do is set the router correctly.

Of course it is pointing at your gateway address! How many IP addresses do you have? You only have 1 public IP address, so the request through dyndns has to hit your public IP at port 80. Then the router has to forward that request in to port 80 at the LAN IP that the debian box has. Hopefully you either set the box to have a static address inside, or configured the DHCP so the linux box always gets the same address.

If that path is all in place, then it is also possible that your ISP does not allow people to connect to their clients at port 80. That is often a case, particularly in situations where the ISP also has a hosting facility, and they would much prefer you paying them to host your server for money rather than allow you to run it out of your home.

I don't know anything about a Prestige660R-61C in particular, but the only way to test if it is working for certain will be to look from outside. Once the dyndns resolves your name to your WAN IP, how will the router treat that? Will it send the signal out to the next gateway only to get turned around and come back to where it started, will it do something else? Since we don't know, you can't test and know from within. Many routers are set not to allow loopback connections, as they are a security risk. So you can test from any connection in the world, save your own.

You could simply use a tool like VNC or remote desktop to connect anywhere else, then point them at your domain, and if they see it, you're cool.

Peace,
JimBass

ok but do i need to put the dns's that i registered at www.dyndns.com in my /etc/hosts file? or should i put them in my /etc/resolv.conf file? or niether?

how does the router know that it has to go towards the debian box and not towards the other 3 windows boxes? we currently have 4 LAN IP addresses excluding the routers.

the linux box has a static LAN address...it has been assigned to it according to the MAC address.

You don't need to do anything with your DNS. Simply by having access to a functional DNS box, your DNS will ask the dyndns servers for your IP. Game over and done.

Since the static address has been assigned through DNCP by MAC address, that is all set. Now all you need is to establish the port forwarding.

On the router's interface, there will be a section to do port forwarding. All you need to do is take any request from the WAN on port 80, and forward it to the internal address of the linux box, also at port 80.

Peace,
JimBass

ok what i have gone and done is i have forwarded port 80 to 89 to the linux box's IP address.

so basically now all i need to do is get someone to test it out for me.

i just looked at the /var/log/syslog file and im getting a few errors.
i first got an error saying:
...localhost pppd[3681]: Connect script failed
...localhost pppoe[3780]: Timeout waiting for PADO packets
what does that mean?
and now im getting:
...localhost kernel: eth0: no IPv6 routers present
...localhost kernel: eth0: link up, 100Mbps, full-duplex, lpa0x45E1
and what does that mean...all i can work out is that something is not there but the connection is up.

how does this affect me?