locked
Remote web site not available from the internet RRS feed

  • Question

  • I've been trying to fix this problem for a month....I am able to access the web site locally by typing in the IP address of my WHS.  When I try to access it locally using the home server domain name: xxxxxxx.homeserver.com, I get a message in IE saying that name did not match any documents. When I do type in the IP address of the WHS I get the Microsoft Windows Home Server web site. When I click on logon, I get a page that says "There is a problem with this website's security certificate." I click on "continue to use this website (not recommended)" and can then logon.  Cox is my ISP. I have a Netgear WNDR3700 router and use PhonePower for telephone service.  I did contact PhonePower to see if there was a problem.  Their phone router is a Grandstream HT502.  They had me go into the basic settings of the Grandstream and change the port from 80 to 4200 because, they said, both WHS and the Grandstream were using the same port.  The connection is as follows: The ethernet cable from the cable modem (Cox: Motorola Surfboard cable modem) goes into the WAN port of the Grandstream.  An ethernet cable goes from the LAN port of the Grandstream to the "internet" (WAN, I assume) port of the Netgear router.  Two ethernet cables go from 2 "ethernet" (LAN, I assume) ports of the Netgear router to the ethernet ports on the desktop computer and the WHS.  My WHS is just my old desktop computer that I installed an OEM version of WHS on.  When I go to settings/remote access from the WHS console on my desktop, I get a message that Remote Access is not available.  When I click on "repair", I get green check marks on the first 2 items and a red "X" on Verifying that your remote Web site is available from the internet.  On the Netgear router settings, under Attached Devices, my desktop computer and the WHS are shown with their IP addresses.  On the LAN setup under address reservation, I added the WHS with a fixed IP address.  Under Port Forwarding/Port Triggering, I added a "custom service" with the WHS as the custom service.  This particular router asks for a starting point and an ending point so I used 4125 as the starting point and 80 as the ending point and the server IP address. 

    Yes indeed, if it seems I have made up some of this stuff I've done that's because I have.  So what do I have messed up here?  Everything I've done has been based on something I've read, but it's quite possible that the combination of things has screwed up the works.  Maybe someone can tell me that the solution is really simple!  I've just about reached the limits of my networking/computer knowledge, so please don't get too techie with me!  Thanks very much, Ron

    Sunday, February 20, 2011 11:35 PM

All replies

  • If you're forwarding single ports in your router start port and end port should have the same value; for WHS remote access to function properly you need to forward three ports; 80, 443 and 4125, so you basically need three rules (services). For most routers this should be enough, although some routers also require you create separate firewall rules to allow the port forwarding from WAN to LAN.

    Depending on the settings of your modem and router it could also be you first need to forward ports from your modem to external IP address of your router (generally identical to the gateway address (on client do ipconfig / all from command prompt to get gateway address) , then from the router to your WHS. If your modem or router is setup to run in bridge mode you only need to forward the ports in the device that is not setup in bridge mode.

    Hope this helps


    Henk Panneman - http://www.homeserverweb.nl
    Tuesday, February 22, 2011 4:14 PM
    Moderator
  • Thank you for replying! I think I understood your first sentence. The Netgear WNDR 3700 router doesn't have a "page" on which you can forward ports.  Instead under port forwarding it asks you to add a new service and give it a name. But it doesn't allow you to use the same name for each service and each service only allows one start port number and one end port number.  I did notice that I could use the same IP address (the IP address of my WHS) for each of these differently named services.  So I simply added 3 services, named them different names and used the starting and ending ports: 80, 443 & 4125.  Nothing changed except that now when I run the Repair Remote Access Configuration, I get a green check mark by "verifying that your remote Web site is available locally", a yellow triangle with an exclamation point enclosed by "Configuring your router using UPnP standards" (Note: UPnP is ON in the router) and a red X by "verifying that your remote Web site is available from the internet".

    "For most routers this should be enough, although some routers also require you create separate firewall rules to allow the port forwarding from WAN to LAN."

    I don't know what this means.  There are no firewall rules that I can see when I logon to the router.

    "Depending on the settings of your modem and router it could also be you first need to forward ports from your modem to external IP address of your router (generally identical to the gateway address (on client do ipconfig / all from command prompt to get gateway address) , then from the router to your WHS."

    After reading this over several times, I realize I have no idea what this means either. I did ipconfig /all from my desktop computer and got a default gateway IP address for "something".  Am I supposed to go back into the router settings under port forwarding and add more services to forward ?? port(s) to ??.  The basic settings page of the router shows "Internet IP address" and "get dynamically from ISP" is checked.  The Router Status page shows Internet Port and an IP address that is NOT shown when I did the ipconfig /all.  However there is a section below this that says Lan Port and it DOES have  the same IP address that I got when I did the ipconfig /all.  The problem is that I have no idea what to do with this information.

    "If your modem or router is setup to run in bridge mode you only need to forward the ports in the device that is not setup in bridge mode."

    "Bridge mode":  clueless as to waht this means.  Or how to do it if I need to.

    Sorry to be so wordy about your reply but I wanted to be specific as I could about what I have and what I understand....which, as you can see, is not much (my understanding, that is!)

    Thanks for your help,

    Ron

     


    Ronald Gordon
    Tuesday, February 22, 2011 9:10 PM
  • Thank you for replying! I think I understood your first sentence. The Netgear WNDR 3700 router doesn't have a "page" on which you can forward ports.  Instead under port forwarding it asks you to add a new service and give it a name. But it doesn't allow you to use the same name for each service and each service only allows one start port number and one end port number.  I did notice that I could use the same IP address (the IP address of my WHS) for each of these differently named services.  So I simply added 3 services, named them different names and used the starting and ending ports: 80, 443 & 4125.  Nothing changed except that now when I run the Repair Remote Access Configuration, I get a green check mark by "verifying that your remote Web site is available locally", a yellow triangle with an exclamation point enclosed by "Configuring your router using UPnP standards" (Note: UPnP is ON in the router) and a red X by "verifying that your remote Web site is available from the internet".

    I don't know what this means.  There are no firewall rules that I can see when I logon to the router.

    If there's no option to set set firewall rules this obviously isn't an issue. Please note, if you set port fornwarding manually you shouldn't use UPnP but choose to manually configure your router when setting up remote access. Also after setting the appropriate rules please try to access your server from outside your network (or ask a friend to do so). Please try both http://yourdomain.homeserver.com and https://yourdomain.homeserver.com.

    "Depending on the settings of your modem and router it could also be you first need to forward ports from your modem to external IP address of your router (generally identical to the gateway address (on client do ipconfig / all from command prompt to get gateway address) , then from the router to your WHS."

    After reading this over several times, I realize I have no idea what this means either. I did ipconfig /all from my desktop computer and got a default gateway IP address for "something".  Am I supposed to go back into the router settings under port forwarding and add more services to forward ?? port(s) to ??.  The basic settings page of the router shows "Internet IP address" and "get dynamically from ISP" is checked.  The Router Status page shows Internet Port and an IP address that is NOT shown when I did the ipconfig /all.  However there is a section below this that says Lan Port and it DOES have  the same IP address that I got when I did the ipconfig /all.  The problem is that I have no idea what to do with this information.

    "If your modem or router is setup to run in bridge mode you only need to forward the ports in the device that is not setup in bridge mode."

    "Bridge mode":  clueless as to waht this means.  Or how to do it if I need to.

     Bridge mode means the device is just passing through the signals, so not functioning as a router. In your case I think both will be configured as router (sometimes also called (Access Point) Please read your router and modem (Grandstream) documentation or find out more on the web. As for the external IP of your router, I put you on the wrong path, this is not the gateway address. The external IP of your router is the Internet IP address shown in the status page. If both router and modem are functioning as routers you need to get into your modem (Grandstream) management and set port forwarding rules for ports 80, 443 and 4125 to external IP of your router (and keep port fornwarding rules to WHS in your router).

     Another possible issue is that your router is also set to use port 80 for external (WAN) access to it's management page (same as the Grandstream). Best thing to there is disable remote management of the router since this is a security risk (same for the Grandstream). Be careful not to disable local (LAN) management when you do this.

    Hope this helps, it's not easy stuff to troubleshoot when you're not at the wheel!


    Henk Panneman - http://www.homeserverweb.nl
    Wednesday, February 23, 2011 7:46 AM
    Moderator
  • Now I am even more confused.  I went into the Grandstream modem and forwarded ports 80, 443 & 4125 to the "external IP of my router" although I'm no longer exactly sreu what that should be.  I also went into Domain Name Details and got a screen that showed Domanin Name Details: Name htps://xxxxxx.homeserver.com, service Provider: Windows Live Custom Domains, Web site Ip address: xx.xxx.xxx.xx (Note that this is the same IP address I get when I go to shields up and is shown as my external IP address.  It is NOT the one I have been using to forward ports.  I've been using the IP address I got whe I did ipconfig /all from a DOS prompt.  Whe I try to repair the Remote access with the Remote Access Repair Wizard I still get a green check mark beside Verifying that your remote Web site is available locally.  The Yellow triangle besdie Configuring your router using UPnP standards (I turned this off in the router) and a red X beside Verifying that your remote Web site is available from the internet. (Note that this morning when I changed the port forwarding in the Grandstream router, there was a yellow triangle beside Verifying that your remote Web site is available from the internet.

     

    There are 2 important details I previously left out.  I cannot access the Remote web site even locally unless I type in the IP address that I assigned to the WHS.  I tried accessing WHS from a library today with both the home server name and the IP address with no luck.

     

    I guess my additional concern is that shields up and the Domain Name Details both gave me an entirely different IP address than I get when I look at the one on the router or if I do an ipconfig /all.

     

    Yeah, no kidding it's not easy to troubleshoot if you're not "behind the wheel".....I'm sure you could resolve this problem in seconds if you were at my keyboard!  Thanks for your help,

    Ron


    Ronald Gordon
    Thursday, February 24, 2011 5:38 AM
  • For your understanding, to get to WHS from the outside you have to pass chain of IP addresses:

    1. External IP address (of Grandstream) -> 2. from Grandstream to External IP address of your router -> 3. From router to (local) IP address of your server.

    First IP address is the one you will see with Shields up ( and Domain name details), second one should be Internet IP address you see in status pages of your router, third is the IP address of your server (the one you get from ipconfig /all when logged on to the server desktop.

    When everything is configured properly Shields up should show ports 80 an 443 open.

    If you can't reach your server from inside network using http:\\yourservername (domain name here won't work until remote access is properly configured) you also have a name resolution issue, however this shouldn't prevent you from accessing you server from WAN (remote access). This often happen if some firewall blocks NetBIOS ports or if DNS server is not configured properly.


    Henk Panneman - http://www.homeserverweb.nl
    Thursday, February 24, 2011 7:18 AM
    Moderator
  • hi! i have same problem. i have opened ports: 80,443,4125. all ok. but silverlight player does not play videos now.

     

     

    whs 2011 rc1

    Saturday, February 26, 2011 8:43 AM
  • The port forwarding page of the WNDR3700 should look like this:

     

    I have an additional problem in that my VoIP provider (VoIPo.com) places their Grandstream HT502 between the cable modem and the Netgear.   I was told to set the routers Internet Port in the DMZ of the HT502.  That allowed me to connect to the internet from inside my home network, but I still can't https://XXXX.homeserver.com into the WHS 2011.  HT502 config page is below.   Any ideas to allow web access?

    Thursday, January 26, 2012 11:11 PM
  • The port forwarding page of the WNDR3700 should look like this:

     

    I have an additional problem in that my VoIP provider (VoIPo.com) places their Grandstream HT502 between the cable modem and the Netgear.   I was told to set the routers Internet Port in the DMZ of the HT502.  That allowed me to connect to the internet from inside my home network, but I still can't https://XXXX.homeserver.com into the WHS 2011.  HT502 config page is below.   Any ideas to allow web access?

    Thursday, January 26, 2012 11:15 PM
  • Bob,

    I something supposed to be after your sentence "...should look like this:" 

    And after "HT502 config page is below"


    Thanks,

    Ron

     

     


    Ronald Gordon
    Friday, January 27, 2012 12:17 AM
  • What could be happening is that your IP address is not visible to the outside world.... so it may NOT be public IP (Static IP). This isnt a problem with most ISP's who provide an IP that can be seen by anyone however some ISP's may require you to setup a Static IP address, Subnet mask and gateway in order for it to be visible (to access a server remotely). Once that is done your problem should be resolved.

    Wednesday, February 29, 2012 1:46 PM
  • Hi.

    Were you able to get your WHS visible from the Internet? If so, how did you go about doing this?

    Did you consider two routers connected to your modem with the newer router dedicated to your WHS? So that the settings for Remote Web Access do not interfere with your other devices.

    Thanks.

    Wednesday, April 17, 2013 6:07 PM
  • My...I started this over 2 years ago!  I've given up trying to access the WHS from the internet.  I use WHS to backup my computers.  I now use TeamViewer to access my desktop remotely.  It just turned out to be wasting too much time to continue trying to use WHS to connect from the internet.  Hope you have better luck.  :)

    Ron


    Ronald Gordon

    Tuesday, April 30, 2013 12:03 AM