# apache22 isn`t visible from outside-internet side?



## JimmY_BL (Jan 12, 2010)

Hello to everyone ... i have a one problem which boders me for a 4 days ... x(

Lets go from begining...
I use ADSL modem for Internet connection and i dont have a static IP - internal IP address of ADSL modem is 192.168.1.1 and i put port forwarding 22,80,443 to 192.168.1.2 which is my FreeBSD machine. 
Betwen my ADSL modem and BSD machine i also have a wireless router-switch. The wireless router-switch have IP 192.168.1.6 and i also put port forwarding to 192.168.1.2 on him-for just in case 
This is my version od FreeBSD:

```
terminator# uname -a
FreeBSD terminator.bl.rs 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:48:17 UTC 2009     [email]root@almeida.cse.buffalo.edu[/email]:/usr/obj/usr/src/sys/GENERIC  i386
```

I succesufully installed and configurated apache22 from ports and it works - when i read log files, everything is ok, and i can access the apache22 server from any local computer on my lan,the web sites are working, but when i try to open the site pointing to hostname of my machine from outside my LAN - from different IP,like my neighbours comp, i can`t access my web site :\ 
My hostname is terminator-bl.no-ip.org and i installed no-ip2 client on bsd and it works perfectly, the hostname points to IP address of my ADSL modem...

When i use nmap from my machine from Germany, i get this results:
Interesting ports on terminator-bl.no-ip.org:


```
PORT     STATE    SERVICE
21/tcp   filtered ftp
22/tcp   open     ssh
23/tcp   filtered telnet
24/tcp   closed   priv-mail
25/tcp   filtered smtp
80/tcp   filtered http
8080/tcp closed   http-proxy
```

sshd server is working fine-it works on default configuration and its only service i can use from outside my lan without problem ... 
Can anyone explain me how to put 80 port to be opened and having advice on how to make this work? ï¿½jr

I`m sorry on my English, i hope you will understand me :-D

Tnx a lot in front 
---ZeX


----------



## SirDice (Jan 13, 2010)

You cannot access your web site from the outside when you yourself are on the lan. Get a friend to try it for you.

If the port is 'filtered' it most likely means it's not forwarded properly on your router. Also check if there's a firewall on it that might block it.


----------



## JimmY_BL (Jan 13, 2010)

Tnx DutchDaemon for sorting this a little and putting it on the right place 

SirDice, i am already disabled the firewall and other security settings on my router and ADSL modem and i tried opening web site from computer in Germany, my friend from Slovenia also tried, but nothing ... this is what i get ...


```
Looking up terminator-bl.no-ip.org first
Looking up terminator-bl.no-ip.org
Making HTTP connection to terminator-bl.no-ip.org
Alert!: Unable to connect to remote host.

lynx: Can't access startfile http://terminator-bl.no-ip.org/
```

What i dont understand - the same settings on routers are for SSHD server and i can access it from anywhere ... but the apache is not accessible x(


----------



## DutchDaemon (Jan 13, 2010)

Are you on a 'consumer-grade' connection? Chances are that the ISP filters service ports like 25 and 80. Not exactly uncommon. I tried to run a tcptraceroute to your port 80, but it dies here (though not with a !A (administratively prohibited) flag):


```
inetnum:      84.233.147.0 - 84.233.147.63
netname:      IP-SK-BRATISLAVA-POP-NETS
descr:        Interoute BRATISLAVA POP
```

To me, this spells: "ISP doesn't want servers running on consumer lines".

Run a tcpdump on port 80 on your external interface, and ask people to try to connect to it. If you see zero attempts, chances are your ISP is filtering port 80 on its core/POP routers.

Edit: oops, I spoke too soon (tcptraceroute took forever), it is now official:


```
22  * * 89.111.237.1 (89.111.237.1) 97.182 ms !A
```

Telekom Srpske is actively blocking port 80 *(!A)*.

Same goes for FTP, actively blocked by your ISP:


```
22  * 89.111.237.1 (89.111.237.1) 83.373 ms !A  98.462 ms !A
```

SMTP seems to be a different story. Your own IP address is showing port 25 as closed.


```
22  * * adsl-165-177-99.teol.net (109.165.177.99) [closed] 364.111 ms
```


----------



## roddierod (Jan 13, 2010)

You may want to run nmap on your network. My home isp blocks ports like 22 but not 992.


----------



## JimmY_BL (Jan 13, 2010)

DutchDaemon, you resolve the problem ... my headake is gonne ... i called ISP tech service and ask them about filtering ports 80 and 25 ... and you was right, the all adsl users on my ISP have filtering on this and more other ports x(
Now i must search other ISPs that dont have this filtering problem, but others dont have this fast internet connection:\

I`m so glad that i have registered here and that other freebsd users tryed to help me! :e

FreeBSD RuleZzZ!:f


----------



## DutchDaemon (Jan 13, 2010)

Your ISP will probably allow services on business DSL connections with a fixed IP. I don't know if they have that, how much it costs, and if they're willing to sell business DSL to a non-business.


----------



## JimmY_BL (Jan 13, 2010)

I dont know about that ... but i will investigate now when i know where the problem was :e
I only need to change ISP contract,all other equipment is mine, and i can use the same network settings and the best thing is that i dont need to shutdown the freebsd box because it works perfectly


----------

