2

It seems that this question is very similar to "I suddenly can’t access my own web server within my LAN via the external WAN IP address", but nothing there helped me, so I'm trying again.

I have a router with WAN address 1.2.3.4 and local network 192.168.1.1/24. I have a web server running on 192.168.1.100.

In the router settings, I have changed the port of the management panel from 80 to 81 so as not to interfere with the web server. Then I added a port forwarding rule for TCP 80 -> 192.168.1.100:80. Finally, I have assigned the domain name example.com to 1.2.3.4, so accessing example.com from the outside world correctly routes to my web server.

However, when I try to access example.com from any of the devices connected to the 192.168.1.1/24 network, it does not work.

I tried to diagnose it with ping, and the domain correctly resolves to the IP address, so it does not seem to be a DNS problem:

root@linux:~# ping example.com
PING example.com (1.2.3.4) 56(84) bytes of data.
64 bytes from 1.2.3.4.ip4.feromedia.eu (1.2.3.4): icmp_seq=1 ttl=63

Also, traceroute stops at the router:

root@linux:~# traceroute example.com
traceroute to example.com (1.2.3.4), 30 hops max, 60 byte packets
1 192.168.1.1 (192.168.1.1) 0.350 ms 0.256 ms 0.195 ms
2 * * *
3 * * *
4 * * *

I have found neither NAT Loopback nor NAT reflection settings in my router, as suggested in the question linked above. I have not configured anything in the static routing, and I can't remember anything I could have done that would cause such behavior.

My router is DrayTek Vigor2925.

fracz

2 Answers

2

Your router probably doesn’t support NAT Loopback (A.K.A NAT Hairpinning). Upgrade to an aftermarket firmware distro (such as LEDE), or replace your router with something that has factory firmware that supports NAT Loopback (such as an Apple AirPort Base Station).

Spiff
2

As @Spiff suggested, the problem is probably a lack of support for NAT Loopback.

However, I have managed to handle this situation with a static DNS entry in my router configuration. In DrayTek it is known as the LAN DNS feature and, AFAIU, it is similar to an entry in the hosts file on the machine.

After adding a 192.168.1.100 example.com entry there, my router started to respond with a LAN 192.168.1.100 address for the example.com DNS query for every device in my network. Therefore, they are able to reach the local webserver by the domain name although my router does not support NAT Loopback globally.

fracz
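A way to check from a LAN client which of the two situations described in the answers applies, as an added example that is not part of either answer: it classifies each address a name resolves to as reachable directly on the LAN (the LAN DNS override is active) or as the router's own WAN address (which only works with NAT Loopback). The function names are hypothetical; the addresses are the ones used in the question.

```python
import ipaddress
import socket
import sys

def classify(resolved, lan_cidr, wan_ip):
    """Map each resolved address to the path a LAN client would take to it."""
    # strict=False accepts the question's "192.168.1.1/24" (host bits set).
    lan = ipaddress.ip_network(lan_cidr, strict=False)
    wan = ipaddress.ip_address(wan_ip)
    verdicts = {}
    for text in resolved:
        addr = ipaddress.ip_address(text)
        if addr in lan:
            verdicts[text] = "direct"         # LAN DNS override is in effect
        elif addr == wan:
            verdicts[text] = "needs-hairpin"  # router must support NAT Loopback
        else:
            verdicts[text] = "external"       # neither the LAN nor this router
    return verdicts

def resolve(name):
    """Return the IPv4 addresses the local resolver gives for name."""
    infos = socket.getaddrinfo(name, 80, family=socket.AF_INET,
                               type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def tcp_reachable(ip, port=80, timeout=3.0):
    """True if a TCP connection to ip:port completes within timeout."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False

if __name__ == "__main__":
    if len(sys.argv) != 4:
        sys.exit("usage: check.py NAME LAN_CIDR WAN_IP")
    name, lan_cidr, wan_ip = sys.argv[1:4]
    for ip, verdict in classify(resolve(name), lan_cidr, wan_ip).items():
        print(f"{name} -> {ip}: {verdict}, "
              f"tcp/80 reachable: {tcp_reachable(ip)}")
```

A "needs-hairpin" verdict together with an unreachable port 80 matches the symptom in the question; after the LAN DNS entry is added, the same name should come back as "direct".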