Re: [m0n0wall] NATed services by the public IP

From:	Melvin Backus <mbackus at bellsouth dot net>
To:	Joey Morin <joeymorin at alumni dot uwaterloo dot ca>
Cc:	Adam Nellemann <adam at nellemann dot nu>, <m0n0wall at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] NATed services by the public IP
Date:	Fri, 25 Jun 2004 06:06:59 -0400

At 04:20 AM 6/25/2004, Joey Morin wrote:

>This one time, at band camp, Joey Morin said:
>
> > now that i have a dyndns hostname, i'd hoped that would make the problem
> > go away.  i tried specifying it in the "Server DNS Entry" field, but that
> > had no effect.  so there are three scenarios:
>
>correction.  left blank, specifying partially qualified URL quickly
>returns "Unable to connect to remote host", whereas if i specify my
>hostname in the webserver config, it hangs and times out.  seems if i
>leave it blank, the webserver "discovers" it's host machine's hostname on
>the lan, which of course fails.
>
>why the heck would a web server need to know it's own server dns entry?
>looks like it's doing some kind of local or recursive lookup, which fails
>because you can't access a nated service using the WAN IP!!!  argh!
>
>ok.  i'm better now.  guess i'll have to switch to a real web server.
>unless someone has a bright idea...
>
>jj

Add a host entry at the firewall for the web server.  That should allow it 
to be accessed from the inside via it's public name.



----------------------------------------
Good, Fast, Cheap... Pick any two
----------------------------------------