[SOLVED] Need HEEELP! My server cannot be seen by the internet!
-
UPDATE:So I took the pfSense device home as I stated earlier and tested it at home. And guess what? It WORKS! ??? OMG, how easy it worked, it blew my mind :oMy setup at home was like this: Uverse router -> pfSense device -> 8 port Unmanaged switch -> Temp Server Comp
That's it. The Uverse router has the pfSense device configured as DMZplus. pfSense device has the same LAN IP range as the office, aka 172.xx.x.xxx . The temp server is my laptop running XAMPP with Wordpress.
ALL I DID was port forward 80 and BAM…instant website access!! After all the crap I was put through at the office and many, MANY hours spent, it works instantly at home?!? sigh
The differences with configuration are the following:- Uverse router forwards public IP, but configures as DHCP unlike the Comcast business modem which is Static configuration. Obviously the server is different as this is a Windows Wordpress website and the other is a Unix Server. Last but not least, the switch differs.
At this point I'm thinking that the Cisco 300 switch is the reason that the server didn't work the first time. Recently I found out that it has its own built-in DHCP configurator. Typically it's supposed to take the input of the device that sends out the DHCP signal and then configures the rest of the network. But if it doesn't receive the signal it can configure the network on its own. I mean I checked the IP of some of the DHCP PCs and they were in the right range. I just feel that if the pfSense device is working fine at home, then the only major thing that differs is the switch.
The one thing I haven't tried is directly connecting the server to the pfSense device, bypassing the switch. I'm gonna try that when I get a chance. Otherwise I still haven't tested the current configuration with port 443. I'll do that next. It could be something as simple as turning off DHCP on the Cisco 300 switch. And that's where things stand.
Update 2: Houston we're having problems again >:( . So once my home configuration was working, I left it alone and went to do some yard work. I thought I finally ruled out the pfSense device, but when I came back in after 30 minutes, dun dun dun, the website stopped working. At first it gave me a 504 gateway error. Then I noticed somehow the LAN IP changed on the laptop that did NOT go to sleep. It went from 172.xx.x.3 to 172.xx.x.12 . I'm like "Ok, I dunno why this happened but this should be a non issue as the actual server has a static IP". So I changed the firewall rule to change the IP address and I get a 502 gateway error. At this point no matter what I tried I cannot get the website to show up on the internet, but it is available on my local network. This is exactly the problem I had back in the office, I just reached it differently AND the website worked for a while. What the hell happened??? More frustration >:( :'(
Update 3:Ok, this is gonna sound totally weird. So no matter what I did to the configuration, nothing changed the problem. Then I accidently typed in the public IP address without the /wordpress (that's where the site is located) and it gave me an "access forbidden" error. This is what it's supposed to do. Then, when I added /wordpress again, it worked?!?!?!? It's like I had to "wake up" something (not the computer cause it's always on) by typing in the IP address alone and then the /wordpress to actually reach the site. What could cause that? Something in the pfSense device?
-
I would not thing so, but when ever you change IPs for web servers, you have to readjust rule and NAT. So, I would change your laptop to static so you know it will not change and then go from there. Also, remember that you also have to UVerse modem/router in the way as well and that might have been the cause.
pfSense is in front of a few website (I know all mine are) and there is not a problem at all. -
Then, when I added /wordpress again, it worked?!?!?!? It's like I had to "wake up" something (not the computer cause it's always on) by typing in the IP address alone and then the /wordpress to actually reach the site. What could cause that? Something in the pfSense device?
I imagine what you are seeing there is an uncleared state in the state table or a delay while the arp table updates. Once the remaining stuff times out the new address is reachable.
Steve
-
Would not be a problem if it is statically assigned. Just saying.
-
Yeah, what both of you say are right. Because the IP was assigned by DHCP, when the IP changed on the laptop most likely there was an uncleared state. As long as the server has a static IP I should be fine.
I've tested the pfSense device long enough. I'm gonna try to reinstall it over the weekend and directly plug in the server into the NIC. We'll see if that works. If it does then I'll know that the DHCP of the switch is interfering rather than working with the pfSense device.
I do have a question about the IP range for the LAN: Typically I set the pfSense device to 172.20.2.1 and then the range to 172.20.2.2 to 172.20.2.254. But at home I had it set to 172.20.2.1 to 172.20.2.255 . Which is correct or does it not matter?
-
Typically you want to exclude static addresses from DHCP. So starting at .2 is fine. I would start at 100 myself to give you room for statics.
-
You would normally not include 255 in the range because that's the broadcast address for the subnet. In fact it's slightly surprising that you were allowed to use it.
http://en.wikipedia.org/wiki/IPv4#Addresses_ending_in_0_or_255
It shouldn't make any difference though since you weren't actually using that address.Steve
-
Yeah, that's what I thought, Stephen, but it gave me no error. Whether it's actually using it or not or perhaps pfSense auto-discludes that address is something I don't know.
Unfortunately they configured the server at .45 , and I dunno what other devices are configured in the double, or single digit IP range. That's why I gotta go full range with the configuration :-\
I'm at the office and gonna see what a direct server connection does. Fingers crossed ;)
-
Good luck, I'm sending you positive vibes from across the pond! :)
Steve
-
Update: And IT WORKS!!! OMG!! OMG!! Seriously?!? BWAHAHAHAHAHAHAHAA!!! :o ;D :D 8) :)
So it has to be that sparkly new switch I bought. I mean it works with the rest of the building, just not with the server. Or it could be that DHCP thing I was talking about earlier. Should've bought a cheap, unmanaged switch. Why did I buy the awesome full managed switch?? I thought I could use it for future uses, but it's like I don't even need it when I got pfSense = <3
-
Nice! ;D
Sounds like you need to study the manual on the switch to understand whatever was causing the problem. Make sure nothing else is waiting to bite you later.
Managed switches are generally pretty useful to have though.Steve
-
Yes sir, that damn switch has already bitten me :P I just need to tame it and make him a good boy ;D
Oh I left out the part where configuring the pfSense device was easy. Too easy. Damn this was like Pie Easy! (cause we don't trust the cake ;) ) All I did was change the pfSense device port and then added a Nat rule to forward port 443 to the internal IP address, DONE! God the pain that switch put me though >:(
Once I figure this out I can finally move on to the Failover issue. Alrighty then, here I go! ::) :D
So how do I mark this as solved? Add [SOLVED] to the first post title?
-
All I did was change the pfSense device port and then added a Nat rule to forward port 443 to the internal IP address, DONE!
You may not even have had to do that, but it doesn't hurt to be sure.
Unfortunately since the forum update a while back post editing is limited to a few days so you may not be able to mark it solved yourself. Only a mod can do it.
Steve
-
Glad to see this saga is solved. ;D I marked it as such.
