New Poster
•
2 Messages
Port to Port Forwarding for Server
I want to forward to destination ports 80 and 443, but also to map them to target ports 180 and 1443 respectively in my server's internal IP address. Xfinity settings seem to only allow for specifying a device and a destination port, which is not enough to do what I need. Can I accomplish this or do I need a new router?
flatlander3
Problem Solver
•
1.5K Messages
4 years ago
I haven't seen any consumer cable/dsl gateway that will do that (maybe they exist), but if your goal is to serve web pages, adding listen port directives to Apache, and using named virtual hosts for the other ports will work. Something like:
Listen 81
Listen 82
DocumentRoot /var/www1
ServerName mydomain.com
//access -- mydomain.com:81
DocumentRoot /var/www2
ServerName mydomain2.com
//access -- mydomain2.com:82
Perhaps the ServerAlias is more what you were looking for. Depends on what you are doing.
http://httpd.apache.org/docs/current/vhosts/name-based.html
You can also redirect 80/443 from your gateway to an internal firewall, and then pass the traffic to your server on another internal isolated subnet with natd, iptables (linux) or pf(bsd/unix) firewall rules -- which is probably what you want to do anyway if you are going to risk exposing a web server to protect the rest of your network. You are going to take some remote abuse when you run web servers.
Paid service like Dynu to handle the dynamic DNS and port redirection would probably work too, but you'd have to check that out for yourself.
0
0
zeke1960
New Poster
•
2 Messages
4 years ago
Thanks for your reply, frankly I'm new to this kind of thing so I'll provide more context. I'm running an Unraid server, and want to use certain services remotely, therefore I'm setting up a reverse proxy, following this tutorial: https://www.youtube.com/watch?v=I0lhZc25Sro
The port forwarding section begins at about 10:00. Obviously he has access to more router settings than most with his setup, but it seems that what he did do in this tutorial is possible on most routers, considering that no one else seems to have this issue but me.
0
0
flatlander3
Problem Solver
•
1.5K Messages
4 years ago
You are limited by either using Xfinity gear, or Xfinity approved 3rd party gear, so your options look to be a bit limited on what the firmware on the router will do. Can't do it on mine either. I can on my firewall though, but that adds another box to route traffic.
You could do some clever things with an ubuntu box with iptable rules. I guess I don't get what unraid is supposed to do for you. Perhaps do something like this: https://www.cyberciti.biz/faq/linux-port-redirection-with-iptables/
Honestly, if the goal is just accessing services on your network remotely, and you're not trying to serve content to the rest of the world, you might consider just running a vpn server on your ubuntu box. OpenVPN or Wireguard have free clients for phones/devices too. Then your remote device is actually ON your internal network, and you can access whatever you want inside. Lots of tutorials on the web for Ubuntu for that.
Also useful for when you are on public wifi. Switch it on. Your traffic is point-to-point encrypted and the only thing the guy running the wifi can see is you connected to an xfinity ip address and scrambled garbage.
0
0