[phyzical]

Hey there,

I happened apon a netgear running DD-WRT v24-sp2 (04/18/14) std
(SVN revision 23919)

loving it, but im running into an issue port forwarding via 80/443 i have a domain pointing at my public ip.

When inside my lan using the domain routes through to my webserver fine even ssl works same with public ip, but when i try from outside the lan i am left with a timeout.

I tried running iptables -L to see any obvious droping or filtering of TCP 80/443 but i could not see anything though im not a huge expert at ip firewall rules.

i stumbled across this https://wiki.dd-wrt.com/wiki/index.php/Port_Forwarding_Troubleshooting so i decided to try nmap, when inside the lan i get both tcp and udp as open for my public ip but when i try from outside i get TCP as filtered and UDP as open/filtered, searching around this suggests there is some sort of hardware firewall or isp interception?

I got my ISP to confirm twice that they had indeed unblocked these ports as they do block them by default, and i dont run any hardware firewall other than i suppose whatever is on this dd-wrt?

Is there anything else obvious i have missed here?

i know this has been asked a bunch, but i feel like it still might be the isp, so i thought id get some advice

Thanks in advance!

[kernel-panic69]

I think perhaps the best way to setup a publicly-accessible web host of any sort is to place it in your DMZ, and configure a separate firewall on said host. DMZ bypasses the firewall filtering in DD-WRT.

[phyzical]

Thanks! DMZ mode allowed access through from the outside.

So does that mean there's probably something on the router dropping the requests?

[kernel-panic69]