Is this configuration correct??



  • So I have a windows 2000 SP4 server I am trying to configure to serve up a web site, but I have a dynamic IP, so I'm using no-ip.com to fix that problem (as well as the incoming port 80 block my ISP has).

    I'm having all sorts of trouble figuring out what I did wrong, so if anyone could give me any pointers it would be appreciated.

    The first thing I did was register a URL with no-ip.com and tell no-ip to forward to port 9290 (just picked one above 1023 and said what the hey). Then I installed the no-ip software on the server in question, and it claims to be happy..

    Then I set up a NAT rule to forward tcp traffic on port 9290 from the wan to the local host 192.168.4.10 (also on port 9290). I also have a matching rule in the firewall rules that allows TCP from source * and port * to go to 192.168.4.10 with port * and gateway *. I have this exact same configuration for bittorrent on my computer, although the port # is different and so is the subnet (The server is on a different subnet), this has been working fine for months now.

    IIS is configured with a simple site and is configured to use IP address (all unassigned) with a port of 9290. The problem is, when I enter my url into a web browser, I eventually see the web browser display my dynamic IP address from my ISP, and a port # of 9290 (so it appears to work… sortof)... except nothing ever comes up. I can also ping the computer in question based on it's url as well...

    I'm starting to get really frustrated here, and have no Idea what I'm doing wrong! Does anyone have any suggestions. For starters, did I get the firewall configuration right?



  • of course it could be entirely correct and I could be having trouble accessing this site for reasons I'm not 100 percent sure of yet.

    Its accessable from the INTERNET but not from the lan (unless you type in the private IP of the server, then it's accessable). I checked this with a proxy service.

    I'm happy now… though I should probably look into why it does this at some point.



  • Search for "NAT reflection"



  • Thats very enlightening, it looks like that should do the trick, but it doesn't want to cooperate. I also tried static DNS mapping while I was at it and if I tried pinging the host in question, it would show the ip address I mapped statically, but the ping would time out. This made me wonder if I had a firewall rule stopping traffic from flowing, but I tried a basic config with all interfaces allowed to pass all traffic to  all other interfaces (all wildcards), but still nothing.

    For now I'm content to use the local ip of the server when on the LAN, it's not that big a deal to have to remember.

    Thanks for the help though!


Log in to reply