zeke1960's profile

New Poster

 • 

2 Messages

Wednesday, March 3rd, 2021 6:00 PM

Closed

Port to Port Forwarding for Server

I want to forward to destination ports 80 and 443, but also to map them to target ports 180 and 1443 respectively in my server's internal IP address. Xfinity settings seem to only allow for specifying a device and a destination port, which is not enough to do what I need. Can I accomplish this or do I need a new router?

Problem Solver

 • 

1.5K Messages

4 years ago

I haven't seen any consumer cable/dsl gateway that will do that (maybe they exist),  but if your goal is to serve web pages, adding listen port directives to Apache, and using named virtual hosts for the other ports will work.  Something like:

 

Listen 81
Listen 82

DocumentRoot /var/www1
ServerName mydomain.com

         //access --  mydomain.com:81

DocumentRoot /var/www2
ServerName mydomain2.com

         //access --  mydomain2.com:82

Perhaps the ServerAlias is more what you were looking for.  Depends on what you are doing. 

http://httpd.apache.org/docs/current/vhosts/name-based.html

 

You can also redirect 80/443 from your gateway to an internal firewall, and then pass the traffic to your server on another internal isolated subnet with natd, iptables (linux) or pf(bsd/unix) firewall rules  --  which is probably what you want to do anyway if you are going to risk exposing a web server to protect the rest of your network.  You are going to take some remote abuse when you run web servers.

 

Paid service like Dynu to handle the dynamic DNS and port redirection would probably work too, but you'd have to check that out for yourself.

New Poster

 • 

2 Messages

4 years ago

Thanks for your reply, frankly I'm new to this kind of thing so I'll provide more context. I'm running an Unraid server, and want to use certain services remotely, therefore I'm setting up a reverse proxy, following this tutorial: https://www.youtube.com/watch?v=I0lhZc25Sro

 

The port forwarding section begins at about 10:00. Obviously he has access to more router settings than most with his setup, but it seems that what he did do in this tutorial is possible on most routers, considering that no one else seems to have this issue but me.

Problem Solver

 • 

1.5K Messages

4 years ago

You are limited by either using Xfinity gear, or Xfinity approved 3rd party gear, so your options look to be a bit limited on what the firmware on the router will do. Can't do it on mine either.  I can on my firewall though, but that adds another box to route traffic.

 

You could do some clever things with an ubuntu box with iptable rules.  I guess I don't get what unraid is supposed to do for you.  Perhaps do something like this: https://www.cyberciti.biz/faq/linux-port-redirection-with-iptables/

 

Honestly, if the goal is just accessing services on your network remotely, and you're not trying to serve content to the rest of the world, you might consider just running a vpn server on your ubuntu box.  OpenVPN or Wireguard have free clients for phones/devices too.  Then your remote device is actually ON your internal network, and you can access whatever you want inside.  Lots of tutorials on the web for Ubuntu for that.

 

Also useful for when you are on public wifi.  Switch it on. Your traffic is point-to-point encrypted and the only thing the guy running the wifi can see is you connected to an xfinity ip address and scrambled garbage. 

forum icon

New to the Community?

Start Here