G3100 Not work issue/bug
bav4688
Enthusiast - Level 2

Hello,

I have a small web server at home and with this new router I am having a problem, I do not have access to the web server with the wan ip from the router network, but if I use a different network if I have access, everything worked perfectly with the old router, I have already tried everything within my reach and I cannot access my webserver from the router network, if anyone knows a solution I would greatly appreciate it.

0 Likes
Reply
16 Replies
smith6612
Community Leader
Community Leader

Verizon is apparently using Ports 443 and 80 for the NAT Hairpin already on the router. Does it work correctly if you use other ports? If so, change the port the router uses for remote management (if enabled, and you should keep it disabled btw) so it does not conflict with your web server. (Citing this thread: https://forums.verizon.com/t5/Fios-Internet/G3100-and-Hairpin-NAT-NAT-loopback/td-p/907397)

Alternatively, you can go into the router's DNS Settings and add a static DNS entry for your web server, so the domain resolves internally to your web server's IP rather than your WAN IP.

bav4688
Enthusiast - Level 2

This worked for me but having more than one domain assigned to my server is not viable because if I add more than one hostname to the router none work.

Thanks

0 Likes
Reply
Cang_Household

Do not configure the DMZ as that is difficult to secure. Again, could you screenshot the Port Forwarding page?

Domain names of your website should be configured in your domain Registrar’s DNS server, not on your router.

Another thing is hosting servers for commercial purposes is a violation of ToS.

bav4688
Enthusiast - Level 2

I think you misread what I wrote or maybe I wrote something wrong.

The web server works and the ports are open to the public if you are example on your phone and you are using mobile data you can enter the website but if you connect to the wifi of my router you do not have access to the website, if I use the network of my router I can not access the website of my server, but if I do it from another network outside my router I can access the website.

I already have the dns servers pointing to my public ip and they resolve the domain names perfectly.

Thanks in advance.

0 Likes
Reply
Cang_Household

Ok. Now it sounds like a NAT hairpinning issue.

The packet has the same source and destination IP address. This type of packet is by default dropped by the Linux kernel if I am not mistaken.

Let me ask a question, why don't you switch instead of route within the same network? If you server and client are both in the same LAN, why both route through the router when you can switch through a layer 2 bridge? You can just go to your local DNS server on G3100 and add some static entries.

Now, your mentioning of adding hostnames make sense. You are trying to rely on the automatic G3100 DNSmasq population based on DHCP and NetBios hostname. I think one host can only have one host name, unless you do network namespaces or other virtualized namespaces.

Why not just configure your local DNS server? Or even just add static DNS entries on your client device. Should be an one-liner.

Cang_Household

No. 80 and 443 ports are not occupied unless you have enabled WAN side administration, which should be disabled for security reasons.

Could you screenshot your Port Forwarding page to see?

bav4688
Enthusiast - Level 2

The ports are open since when I access my wan ip from another network I have access to the website, I am using DMZ Host.

0 Likes
Reply
dslr595148
Community Leader
Community Leader

More than likely it is a loopback/hairpin/Reverse NAT.

One of the ways to check for this/that, I point to https://www.pcwintech.com/test-for-reverse-nat

bav4688
Enthusiast - Level 2

It's a problem with my router call verizon they say they will fix it, it's a problem with the loopback.

0 Likes
Reply
Cang_Household

I doubt the engineering would add this feature. NAT hairpinning is not a standardized feature recommended by any RFCs, and using this feature adds inefficiencies to a network.

You have not answered on my previous question. When you can establish a straight forward link connection, why do you want to add a third device to route the traffic?

0 Likes
Reply
hitnrun30
Newbie

Did you ever figure this out.  I have 2 test domains through NO-IP and externally if I use the URL no problems.  Internally with the url no luck.

I did what was instructed which is add a DNS Server entries for my sites, and add NO-IP info for the sites in Dynamic DNS.  Everything else I have tried does not work.  Hoping you have more insight. 

0 Likes
Reply
Cang_Household

Where did you add that DNS entry? On G3100? Or on your computer?

Could you screenshot the Static DNS page on G3100? With your URL partially blurred out to protect privacy.

0 Likes
Reply
hitnrun30
Newbie

On the G3100, see below

image

image

0 Likes
Reply
hitnrun30
Newbie

Any help would really be helpful

0 Likes
Reply
hitnrun30
Newbie

Something weird I just noticed today.  If I go on my phone I have no issue connecting to my internal website, but on my wired machine there is an issue.  I am going to have to check on other devices but see if you use a mobile device if the site opens.

0 Likes
Reply
Cang_Household

Sounds like you have a faulty Intel NIC on the wired devices. The recent IPv6 rollout may have triggered it to appear.

0 Likes
Reply