locked
Remote Access not working, and Website stopped working. RRS feed

  • Question

  • I have a WHS setup, and have been getting it prepared for the last little while.

    I had everything working flawlessly except for the remote access over WAN, as that required some port forwarding. So I got the ports, 4125 and 3389, and forwarded them to the IP address it was at (192.168.123.104). This didn't work, and remote access was still not working. So I removed the port forwarding, tried a DMZ. Still nothing. I then changed the IP of the WHS to 192.168.123.230, as a permanent IP. As of now, I cannot access the website at all. I used to be able to see the website over LAN, but not over WAN. Now I cannot see it under either. Neither through the xxx.homeserver.com or through a direct IP.

    I have a WRT54GS router, an Acer Easystore Home Server, and if you need any more info just ask.

    We called telus, and they aren't blocking port 80 or 443. If anything, I need to get access to the site over LAN again. The Windows Home Server settings thing shows that it is accessable locally, and that UPnP is working, but accessing it from the internet is not.


    EDIT: Okay, I got the website working locally, had to renew the domain.
    Tuesday, July 7, 2009 7:53 PM

Answers

  • Ports 80 and 443, being shown as STEALTH, are either:
    • not correctly forwarded, or
    • are being blocked somewhere.
    Without at least port 443, your Remote Access web site will not be reachable from anywhere off your local network.

    Possible sources of blockage: 
    • firewall on your router or your server, 
    • your ISP (it's entirely possible that they are blocking those ports, never mind what they've told you), 
    • your cable/DSL modem, which could be acting as a router itself (in this case you could put it into bridge mode), or could have it's own firewall.
    There are others as well.

    Something that would be helpful is if you could compare the IP address Shields Up! reports for you with the IP address your router shows as it's WAN address.

    I'm not on the WHS team, I just post a lot. :)
    • Proposed as answer by kariya21Moderator Thursday, July 9, 2009 2:35 AM
    • Marked as answer by MoodyA Thursday, July 9, 2009 2:44 AM
    Wednesday, July 8, 2009 7:49 PM
    Moderator

All replies

  • I have a WHS setup, and have been getting it prepared for the last little while.

    I had everything working flawlessly except for the remote access over WAN, as that required some port forwarding. So I got the ports, 4125 and 3389, and forwarded them to the IP address it was at (192.168.123.104). This didn't work, and remote access was still not working. So I removed the port forwarding, tried a DMZ. Still nothing. I then changed the IP of the WHS to 192.168.123.230, as a permanent IP. As of now, I cannot access the website at all. I used to be able to see the website over LAN, but not over WAN. Now I cannot see it under either. Neither through the xxx.homeserver.com or through a direct IP.

    I have a WRT54GS router, an Acer Easystore Home Server, and if you need any more info just ask.

    We called telus, and they aren't blocking port 80 or 443. If anything, I need to get access to the site over LAN again. The Windows Home Server settings thing shows that it is accessable locally, and that UPnP is working, but accessing it from the internet is not.


    EDIT: Okay, I got the website working locally, had to renew the domain.

    Did you ever forward ports 80 and 443 to your server?  (You didn't say you did.)  If so, please go to Shields Up!, run a port scan for ports 80, 443, and 4125, then post the results here.
    Wednesday, July 8, 2009 4:01 AM
    Moderator
  • Oh, I did, sorry for not including that.

    I will post a Shields Up report when I can access it in the morning tomorrow.
    Wednesday, July 8, 2009 4:17 AM
  • Port 80



    Solicited TCP Packets: PASSED — No TCP packets were received from your system as a direct result of our attempts to elicit some response from any of the ports listed below — they are all either fully stealthed or blocked by your ISP. However . . .



    Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)



    Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.
    80
    Stealth
    http
    World Wide Web HTTP


    Port 443
    Solicited TCP Packets: PASSED


    Unsolicited Packets: PASSED

    Ping Reply: RECEIVED (FAILED)

    443
    Stealth
    https
    http protocol over TLS/SSL

    Port 4125
    Solicited TCP Packets: RECEIVED (FAILED)



    Unsolicited Packets: PASSED




    Ping Reply: RECEIVED (FAILED)

    4125
    Closed
    Unknown Protocol for this port
    Unknown Application for this port
    Wednesday, July 8, 2009 3:40 PM
  • Ports 80 and 443, being shown as STEALTH, are either:
    • not correctly forwarded, or
    • are being blocked somewhere.
    Without at least port 443, your Remote Access web site will not be reachable from anywhere off your local network.

    Possible sources of blockage: 
    • firewall on your router or your server, 
    • your ISP (it's entirely possible that they are blocking those ports, never mind what they've told you), 
    • your cable/DSL modem, which could be acting as a router itself (in this case you could put it into bridge mode), or could have it's own firewall.
    There are others as well.

    Something that would be helpful is if you could compare the IP address Shields Up! reports for you with the IP address your router shows as it's WAN address.

    I'm not on the WHS team, I just post a lot. :)
    • Proposed as answer by kariya21Moderator Thursday, July 9, 2009 2:35 AM
    • Marked as answer by MoodyA Thursday, July 9, 2009 2:44 AM
    Wednesday, July 8, 2009 7:49 PM
    Moderator
  • I'm pretty sure the ports are forwarded properly. The router should be setup properly for this, firewall and such.

    I have an extremely strong feeling that Telus is blocking the ports. Their website says they block 21, 25, 80, 110, 135-139, 443, 445, 1433-1434 on certain services. Which means both 80 and 443 could be explained by that. They deny that they block it, but a simple google search shows that it started a lot of controversy. It looks like I might have to get my boss to upgrade to a server service, or convince him to use Hamachi and see if that helps.
    Wednesday, July 8, 2009 8:34 PM
  • Yeah, it's definitely Telus. I'm using Hamachi as an alternate method to get in, though its VPN. It's working flawlessly.
    Wednesday, July 8, 2009 11:52 PM