It's just odd that it randomly stopped, since it's been working for almost 2 years. I eventually want to set my modem to bridge mode and get a router that supports NAT loopback anyway. I might be asking too much for this setup.

This means that a machine on your local network cannot connect to the external IP address (such as 208.112.93.73) of a machine that is also on your local network.

And I shut off my cellphone to clear the DNS cache, waited, rebooted, but it still doesn't check with pihole for the DNS.

What is NAT loopback?

Many routers and some security tools prevent loopback connections as a security feature. Traffic goes through the LAN interface to the Internet, then goes back to the same interface, connecting to its external IP. The server receives the initial packet and crafts a response (SYN-ACK). Hair-pinning, also known as NAT loopback, is a technique where a machine accesses another machine on the LAN or DMZ via an external network.

So I tried hosting pihole in a docker image, and changed the DNS of my phone and tablet to my pihole instance, having set up a local host in pihole for my domain, to point to the machine it's supposed to go to, but for some reason, my cellphone accesses pihole for everything BUT my domain.

The NAT box receives the initial packet, modifies the destination IP, establishes a mapping table entry, looks up the new destination in its routing table and sends the packets to the server.
What you are asking to do is called NAT Loopback and it requires that you add a SNAT rule so that packets originating from your LAN to your Server will go back through the router:

    -A POSTROUTING -p tcp -s 192.168.2.0/24 -d 192.168.2.10 -m multiport --dports 22,25,80,443 -j SNAT --to-source 89.179.245.232

On my PC, I just edited the host file in Windows, so that fixed it. Yes, I know, I could just access it directly to the LAN private IP of the machine, BUT since the service is configured to expect SSL, it has to go through the reverse proxy, which is expecting. At home, it worked before the last couple of days. I've got a domain that points to my home. All through a reverse proxy (self hosted) to add SSL. Well, there's a couple of self hosted services (only accessed by me), that I sometimes access from my phone and/or tablet when I'm not home.

You can add a loopback NAT to your Cisco router, so that when going to the public address, it never gets to the ZTE:

    iptables -t nat -A PREROUTING -i br0 -s 192.168.2.0/24 -d -p tcp --dport 80 -j DNAT --to-destination 192.168.2.x

This is prerouting, so the first step.