PDA

Bekijk de volledige versie : Trouble having servers and WL500g in one network.



GiaN
10-03-2005, 18:28
Using Asus WL500g firmware 1.9.2.7

I tried to add the WL500g in an existing LAN this week. Unfortunately I ran into huge troubles and got stuck. I had to abort my attempts and go back to "do more research".

The LAN should exist out of UTP and WiFi clients. One UTP connected client is a UNIX machine with web server that will serve http to internal (LAN) and external (WAN) computers. The whole network is connected to the outside world by an ADSL line with static IP.

The used ADSL modem already offers me NAT, so my first approach was to make the WL500g a fixed client after the modem and forward all inbound WAN traffic to the WL500g (as Home Gateway). after the WL500g I wanted to have the rest of the network configured.

I disabled the DHCP in the ADSL modem and made the Asus WL500g do DHCP. I set the Virtual Server settings on the WL500g to direct port 80 to the UNIX server in the LAN. The whole LAN got working outbound connections working. So far I was also able to connect from outside to the Asus config page on port 8080 and also the Asus FTP server worked. But I cannot reach the UNIX web server on port 80. WHY ????

My first failed setup looked like this:

outside Internet >
> [81.85.199.** ADSL MODEM 10.0.0.138] >
> [10.0.0.1 Asus Gateway 192.168.1.1] >
Local Area Network
> [192.168.1.2 UNIX Server]
> [192.168.1.10-19 other LAN clients]

Eventually I changed the whole setup to use the WL500g in Access Point mode. The ADSL modem will now do the NAT and DHCP. So port 80 traffic to the UNIX server works again as it did before. The web server was safe and people could work now. But if I direct port 20-21 and 8080 to the Asus WL500g I cannot reach the WL500g FTP server or Web config page from outside the LAN.. WHY ????

My second setup looks like:

outside Internet >
> [81.85.199.** ADSL MODEM with DHCP 10.0.0.138] >
Local Area Network
> [10.0.0.139 Asus Access Point 10.0.0.*] >
> [10.0.0.140 UNIX Server]
> [10.0.0.10-19 other LAN clients]


Did I get the wrong hardware for this purpose, or did I misconfigure some base elements?

I hope some help is near!

tomilius
12-03-2005, 04:03
I don't know off the top of my head if this is correct, but I can infer that the firewall in 1.9.2.7 blocks WAN access on those ports as a priority (somebody correct me if I am wrong)... You are using the custom firmware, right? Try iptables -L -v and take a look (telnet to it). Post the results if you don't understand how to use iptables.

GiaN
14-03-2005, 11:11
You are using the custom firmware, right?
No we use the Asus original release: 1.9.2.7 posted 2004/12/08

A. Isn't setting in Virtual Server supposed to override Firewall blocking?

B. Note that now the WL500g is running in AP mode, so the WAN port is not an external ip address anymore. Infact the manual tells us that in case of using the AP mode all RJ45 plugs on the back will be working as LAN ports, basically the definition of a WAN for the WL500g is turned off.

:confused: