Access internal web server from inside network

@XfinityRay​ Just to be sure...

  - Deleted ports 80 and 443 from being forwarded to my Netgear Orbi router

  - Restarted the Gateway

  - Added ports 80 and 443 back to the ort forward list

No change in getting to my web server from my LAN. Accessible from my phone with wifi off, i.i from LTE.  Accessible from my laptop if I wifi to xfinitywifi - i.e. outside my LAN.  Not accessibl on those two ports inside the gateway.  There are 11 other ports I forward to the Orbi that work fine internally.

I do not see any static routes on my gateway and right now the firewall is off

Thanks for further clarifying the situation, @user_sk16. Our Xpert, @EG, has some great tips in these articles on our Forums, https://comca.st/3oORwxY and https://comca.st/34KcBmh. Have you tried the steps provided in these links? 

The first link says to toggle Advanced Security; I had it turned off already.  I also assume if Advanced Securtity had fould an issue with those two ports it would turn it off for all, not just inside (presumable safer) users.  But just to test, I toggled it on and then back off.

Link two sats to check "NAT Loopback" on my routers.  Both my netgear routers say they support this.  If there is a NAT loopback issue, it has to be on the xFinity Gateway.  If I connect to Gateway wifi, I'm blocked -- not doing loopback; If I connect outside the gateway I'm successful.  Shouldn't that be impacting more than just the two main web ports.

This was working fine at the beginning of last week

Thanks for having a look. Let's take a further look into this together. 

I am sorry to hear you have had the same issue with these two ports, @Yeloshak. Can you tell me what troubleshooting steps you have tried so far? Have you tried some of the troubleshooting steps provided above? I am sure working together we will get to the bottom of this.  

I did try the troubleshooting above (toggling adv security and I have no additional routers) but the issue persists. It is still an issue today. I set up an internal DNS server that catches my requests and forwards to the internal IP address of my server and that works but frankly a real pain to reconfigure DNS manually on my devices as I still am using the Xfinity gateway for DHCP. It also breaks other things when I leave the house. So its a work around, but a messy one. 

Hey, @glbarnes67, thanks for reaching out regarding your port issues. To help us get started on the same page, can you please let know if you already tried all the troubleshooting steps outlined by my peers previously in this thread? 

Hi,

I am having the exact same issue.  Has an answer been found?

Hi there @ronlm! Thanks for letting us know that you are also experiencing the same port issues. Can you let us know if you have attempted any troubleshooting steps? 

Yes, I have tried the steps above. 

This was working until earlier this year, same as the other folks.  

Now I cannot access ports (http/80, https/443, ssh/22) from inside the firewall, but can from the outside.

Please advise.

Thanks,

Ron

Hello @ronlm Thanks for checking in with us and for trying those troubleshooting steps. If that didn't work, we can try some more in-depth troubleshooting. 

Could you please send our team a direct message with your full name and full address? Our team can most definitely take a further look at this issue.

To send a "Peer to peer" ("Private") message:
Click "Sign In" if necessary
• Click the "Peer to peer chat" icon
• Click the "New message" (pencil and paper) icon
• Type "Xfinity Support" in the "To:" line and select "Xfinity Support" from the drop-down list which appears. The "Xfinity Support" graphic replaces the "To:" line
• Type your message in the text area near the bottom of the window
• Press Enter to send it

We would like to take a look at the account. Please send me a Direct Message with your name and service address so that I can fully dive into this for you! I will leave you instructions on how to initiate the message with us! I look forward to working with you soon!

- Click "Sign In" if necessary
- Click the "Direct Message" icon (upper right corner of this page)
- Click the "New message" (pencil and paper) icon
- Type "Xfinity Support" in the to line and select "Xfinity Support" from the drop-down list
- Type your message in the text area near the bottom of the window
- Press Enter to send your message

Although port forwarding is still not acting as expected, I've gotten around the problem by adding my Fully Qualified Domain Names to hosts files on all my local clients.  Simply changing the port was not an option for me as I needed 443.  My Pterodactyl game server used a different encrypted port for the Docker Daemon, causing one request to be redirected internally and the other externally.  Now, using the hosts files, all traffic to my servers is routed internally and because I'm still using the FQDNs, the certs function perfectly.

Hey, @smc99! Thanks for reaching out to us here on the forums. We certainly appreciate everything you have tried so far. We will need to take a closer look into this and, if need be, probably get a ticket open to get this resolved. Can you please click the Direct Message icon at the top right of the page, click on the pen and pad icon and enter Xfinity Support in the "To" section of the chat and provide us with your first/last name and full address so we may further assist you?