Question:

I have a Huawei SmartAX MT880 and its blocking external ftp and http accesses so people cant use my servers!?

by  |  earlier

0 LIKES UnLike

I have a feeling my DSL router is blocking external ftp and http accesses. here is some info:

I am using Apache 2 for my http server on my desktop

Guildftpd for the ftp server on my desktop

and no-ip to provide me a hostname, eg: "blah.myftp.org"

whenever I do "http://localhost/" on my desktop machine I can access it after authentication but whenever I do "http://blah.myftp.org/" I keep getting an authentication prompt again and again even when I have entered the password and username correctly.

similarly when i do "ftp://localhost/" in Internet Explorer I gain access to my ftp server but when I do "ftp://blah.myftp.org/" I dont get any response at all!

Do I have to port forward or enable virtual servers for http and ftp access? I tried setting up virtual servers with the following settings:

Status: Enabled

Name: Virtual FTP server

private ip: 192.168.1.2 (desktop's internal ip)

Protocol: TCP

private port: 21

public port: 21

Schedule: Always

Did the same for the http server

 Tags:

   Report

2 ANSWERS


  1. Well for servers to work you do need several ports open in the router and by the local firewall.  Lets start with the router.

    In the virtual servers you need the following open

    Port 21 Ftp (and maybe port 20) depending on FTP program

    Port 80, 443 for Http  80 for all browser requests (443 for https - if authentication is used 443 is safer and should be used.)

    Port 53 DNS (may not be needed depending on no-ip system but if your computer needs to communicate DNS it has to be open!)

    If you really just want to see if it will work I would put the "server" in the DMZ - just to start and test!  That will allow everything to pass to the server. Sometimes it's just easier to start there.

    See if it works if set in the DMZ. If not, back up just a bit, and ask the following.

    1. Does your DSL provider allow servers?  The very first question to answer. Many have prohibitions against them and block ports used by servers on the inbound routers to you. If that is the case, you will never be able to "host" the system. (you can try setting apache and ftp to "high" ports but be prepaired to loose your DSL!)

    2. Check you machines Local Firewall, What OS are you using?  Windows, Linux what is Apache Installed on top of?  Be sure the machine allows all the ports needed by your server! (many may allow "local" traffic but not routeable/internet traffic!)

    Either of these two will keep you from working. But if Number 1 is the issue, you need to change DSL service levels to run a server for the "outside" world.

    Check your Terms of service - you do need to know.

    If the DMZ works, you just have some additional ports that need to be set in the "Virtual" settings so you can move out of the DMZ!

    Hope that helps.

    Add: the IP for vitual host is the IP of the computer/server to use as the virutal host. "local IP of my server (192.168.1.2)"  if the router is listed, all traffic is pointed to the router not the machine!  It concept is to tell the router, where to send the requests for the ports entered.  For Web and FTP TCP/IP is all that is needed.  UDP may be needed for DNS or games and some other programs.


  2. This is a problem with Linux firewall

Question Stats

Latest activity: earlier.
This question has 2 answers.

BECOME A GUIDE

Share your knowledge and help people by answering questions.