Tuesday, November 12th, 2024 6:03 PM

Accessing port forwarded application by external IP, from LAN

Hi,

I have successfully set up a port forward (!) for a service I run locally, that I need to access both at home and remotely. I am also using a dynamic DNS client to maintain a DNS setting for my external IP. From the outside, everything looks great - everything works - I can access the service by DNS name, and it connects properly.

When I'm on wifi at home, though, I cannot access the service by DNS name; my XB7 router appears to be filtering access to the port, when I try to access the WAN address from the LAN side.

On my old ASUS router, this was a non-issue, as it ran its own DNS server, and would then provide the local IP as a DNS response to the domain name (e.g. from outside, the DNS name returned the WAN IP, but from inside the DNS name returned the LAN IP.)

The only solution I've come up with so far is to add a hosts file entry for the service, and disable that when I travel... which is okay for my laptop, but a real pain on my phone/tablet/etc.

Is there a better solution with the XB7? Did I do something wrong, inadvertently, to have this not work from the LAN side?

1 day ago

Here's the nmap output, when connected to the XB7 wifi:

$ nmap -Pn -p 443 [REDACTED]
Starting Nmap 7.80 ( https://nmap.org ) at 2024-11-12 09:55 PST
Nmap scan report for [REDACTED] ([REDACTED])
Host is up.
rDNS record for [REDACTED]: c-[REDACTED].hsd1.wa.comcast.net

PORT    STATE    SERVICE
443/tcp filtered https

Nmap done: 1 IP address (1 host up) scanned in 2.19 seconds

Here's the NMAP output, when connected to a different internet service, outside my LAN:

$ nmap -Pn -p 443 [REDACTED]
Starting Nmap 7.80 ( https://nmap.org ) at 2024-11-12 10:06 PST
Nmap scan report for [REDACTED] ([REDACTED])
Host is up (0.033s latency).
rDNS record for [REDACTED]: c-[REDACTED].hsd1.wa.comcast.net

PORT    STATE SERVICE
443/tcp open  https

Nmap done: 1 IP address (1 host up) scanned in 0.31 seconds

Expert

107K Messages

1 day ago

AFAIK, the Comcast rented gateway devices do not support NAT loopback / hairpinning.
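
Added example, not part of either post above: a small Python check that repeats the TCP probe from the two nmap runs and also probes the service's LAN address, which separates a gateway without NAT loopback from a service that is simply down. The hostname `service.example.com` and the address `192.168.1.10` are placeholders, and the wording of the diagnosis is this example's own interpretation.

```python
import socket
import sys


def probe(host, port, timeout=2.0):
    """TCP connect probe reported with nmap's state names."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed
    except ConnectionRefusedError:
        return "closed"          # RST received: host reachable, nothing listening
    except socket.gaierror:
        return "unresolved"      # the name did not resolve at all
    except OSError:
        return "filtered"        # timeout or unreachable: packets were dropped


def diagnose(wan_state, lan_state):
    """Interpret two probes that were both made from inside the LAN."""
    if wan_state == "open":
        return "hairpin works: the WAN address is usable from the LAN"
    if lan_state == "open":
        return ("no NAT loopback: the service is up, but the gateway does not "
                "route LAN traffic back in through the WAN address; "
                "use split DNS or a hosts entry while at home")
    return ("service unreachable on its LAN address too: "
            "check the service and host firewall before the gateway")


if __name__ == "__main__":
    # Placeholder defaults (assumptions): replace with the dynamic DNS name,
    # the server's LAN address and the forwarded port.
    wan_name = sys.argv[1] if len(sys.argv) > 1 else "service.example.com"
    lan_addr = sys.argv[2] if len(sys.argv) > 2 else "192.168.1.10"
    port = int(sys.argv[3]) if len(sys.argv) > 3 else 443

    wan_state = probe(wan_name, port)
    lan_state = probe(lan_addr, port)
    print(f"{wan_name}:{port} -> {wan_state}")
    print(f"{lan_addr}:{port} -> {lan_state}")
    print(diagnose(wan_state, lan_state))
```

Run it once on the home wifi and once from an outside network; the first nmap result above corresponds to `filtered` for the WAN name when run from the LAN.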
