Posted: Fri Mar 20, 2015 1:42 Post subject: Accessing internal server via dyndns
Hi there,
I've been a dd-wrt user for years with decent know-how. I have AT&T Uverse with 'default server' mode that passes all external traffic to my dd-wrt router. The dd-wrt router uses dyndns and has port-forwarding to permit me to access my ubiquiti server from outside (https://ubiquiti.mydomain.com:8443/manage). Works fine.
I was frustrated that I was unable to resolve the domain internally (when configuring new APs in my home network), so I added an alias to the hosts file for my server in the advanced commands of dd-wrt with something like:
This works fine. From my internal network I can reach the vm3 with the full name of ubiquiti.mydomain.com. However, my problem: when I am in my home network and am also connected via VPN to my work on my laptop and I try to resolve ubiquiti.mydomain.com, it fails.
From an nslookup I can tell the work DNS server is pointing to my Uverse server. So, why isn't this working?
192.168.1.x => VPN => INTERNET => UVERSE DSL => DD-WRT => SERVER ?
Posted: Wed Mar 25, 2015 21:02 Post subject: A better question
Thanks for the reply. I've done some additional testing and am able to take the VPN out of the loop and ask a much simpler question.
To recap (I was unable to get the UVERSE to pass public IP through, so I have a double-NAT setup):
INTERNET => 172.4.5.6 (UVERSE) 192.168.1.254 =(forward all traffic)=> 192.168.1.2 (DD-WRT) 192.168.2.1 => LAN (192.168.2.x)
If I use my UVERSE WAN (public IP) address from outside of my network (at Starbucks, etc.) it works fine:
https://172.4.5.6:8443/... Works
However, if I try to access any service through the WAN IP from inside the LAN I get page not available.
I can ping the UVERSE WAN IP from inside my LAN but nothing else.
I suspect my packet hits the LAN side of the UVERSE and is never port forwarded to DD-WRT but just gets dropped. I'm guessing I can't fix this with the ATT box (or can I?).
Is it possible to tell DD-WRT to take requests from LAN going to the UVERSE WAN IP and treat them as though they came in through the WAN port so that the DD-WRT port-forwarding rules would apply?
I have added a hosts entry on my dd-wrt box so I don't have this problem when things are simple - however I'm constantly on a VPN to my work and when connected it takes over my DNS settings, so I'm not seeing my domain via its public IP...
I was hoping there was a firewall rule that could intercept because I doubt the ATT DSL is going to give me the configuration options I need.
Posted: Thu Mar 26, 2015 4:36 Post subject: progress
Thanks for the terminology... NAT loopback with an ATT Uverse NVG589 led me to a number of forums discussing ATT's lack of implementation. Apparently no one really has it working unless you purchase a second IP address from ATT and assign that to your DD-WRT router. Oh well - thank you for your contribution.
I thought about your local machine hosts edit, but I would need to be able to turn that off depending on my local IP address:
IF eth0 IP = 192.168.123.x then add to hosts myserver.com => 192.168.123.88... Not sure how easily that is done on a Mac.
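
The conditional hosts entry described in the last post, sketched as an added example that is not part of the original thread. The function names, the marker comment and the use of `en0` as the Mac's interface name are assumptions; the addresses are the ones from the post.

```shell
#!/bin/sh
# Added example. MARK tags the one line this script owns in the hosts file,
# so it can be removed again without touching any other entry.
MARK="# home-lan-override"

# in_home_subnet IP PREFIX -> success if IP starts with PREFIX.
# Keep the trailing dot in PREFIX ("192.168.123.") so 192.168.12.x does not match.
in_home_subnet() {
    case "$1" in
        "$2"*) return 0 ;;
        *)     return 1 ;;
    esac
}

# sync_hosts CURRENT_IP PREFIX NAME SERVER_IP [HOSTS_FILE]
# Adds "SERVER_IP NAME" while CURRENT_IP is on the home subnet and removes it
# otherwise. An empty CURRENT_IP (interface down) counts as "not at home".
sync_hosts() {
    cur=$1; prefix=$2; name=$3; server=$4; hosts=${5:-/etc/hosts}
    tmp=$(mktemp) || return 1
    # Drop any earlier tagged line first so repeated runs stay idempotent.
    grep -v -F "$MARK" "$hosts" > "$tmp" || true
    if in_home_subnet "$cur" "$prefix"; then
        printf '%s\t%s %s\n' "$server" "$name" "$MARK" >> "$tmp"
    fi
    # Write back in place so the file keeps its owner and mode.
    cat "$tmp" > "$hosts"
    rm -f "$tmp"
}

# Assumed invocation on macOS (run as root, e.g. from a login or network-change hook):
#   sync_hosts "$(ipconfig getifaddr en0)" 192.168.123. myserver.com 192.168.123.88
```

Because the override is removed whenever the laptop is off the home subnet, the name falls back to normal DNS resolution on other networks instead of pointing at whatever host happens to own 192.168.123.88 there.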