NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.

Forum Discussion

asmithlc's avatar
asmithlc
Tutor
Feb 13, 2018
Solved

Cant access Web server from the outside

Hello All, I am running firmware 4.3.1-22

 

I am able to establish a stable connection through the prosafe easily . I am using NAT  WAN mode. and all of the connected servers are able to establish an internet connection. The issue is a Web server I have exposed on a DMZ however i cannot seem to access it from the outside ( Webpage Unable to load)

 

I have setup a DMZ server using  10.0.1.1 (255 255 255 0)

 and  VLAN - 10.0.124.1 (255 255 255 0)

 

The IP setting on the  Webserver Nic is
IP 10.0.1.4

Subnet: 255.255.255.0
Gateway: 10.0.1.1

DNS: 69.57.239.200 / 69.57.239.201

I have created the following rules shown in the screen shot. just for initial testing. i insted to expose specific ports once i am able to access it.
65.48.173.190 is one of my assigned public IPs

Please help me...

 

 

 

Security
Troubleshooting
  • asmithlc's avatar
    asmithlc
    Feb 15, 2018

    Hello Guys, I have mananged to resolve my issue. For the benfirt of those who may experince this in the future.

     

    If ytou have multiple Static Ips which would need to be assigned you need to rester them during the WAN setup.
    It makes perfect sense but it was not clear in the documentation.

    Network Configuration --> WAN setup --> Secondary Addresses (Top Right)

    Really hope this can help someone in the future.

     

    Thanks

     

     

6 Replies

  • JohnC_V's avatar
    JohnC_V
    NETGEAR Employee Retired
    Feb 14, 2018

    Hi asmithlc,

     

    Welcome to our community!

     

    It is not really recommended that you open all of the ports inside your network as it may cause security risk. It might be better if you will just specify the ports that you needed. Have you tried to open only the HTTP port in DMZ WAN Inbound rules? No need to put anything on the outbound. Please also upgrade the firmware to its latest version.

     

    You may download the latest firmware here.

     

    Regards,

    • asmithlc's avatar
      asmithlc
      Tutor
      Feb 14, 2018

      Thank you for taking time to respond.

      I have gone ahead and updated to the latest firmware.

       

      I am aware that it is a security risk to open all the ports. this was created just a temporary measure to access the 10.0.1.4

      I have disabled the DMZ and placed the two servers on the LAN ports with IPs 10.0.1.4 and 10.0.1.5.   all on the same subnet 255.255.255.0

      Strangely I am unable to ping within the LAN

       

      I have removed the outbound roule as you suggested. and  a created a single rule in the incoming.. Am i creating them right...?

       

       

      Thanks for your guidance

      • JohnC_V's avatar
        JohnC_V
        NETGEAR Employee Retired
        Feb 14, 2018

        asmithlc,

         

        Please set the service to HTTP. It will just cause conflict to other ports and will not work properly. You may also set the WAN Destination IP to a single address as it seems that it was not a range of IP.

         

        Regards,

NETGEAR Academy

Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology! 

Join Us!

ProSupport for Business

Comprehensive support plans for maximum network uptime and business peace of mind.

 

Learn More