Can you get to it from that computer using the 192.168.1.x address? Do you have the ICF turned on? Might want to portscan the machine remotely and see if it is listening on port 80.
Printable View
Can you get to it from that computer using the 192.168.1.x address? Do you have the ICF turned on? Might want to portscan the machine remotely and see if it is listening on port 80.
win proxys enabled....thats out of my range...but i would sugest turning off your proxys and trying the server again
see Hexadecimal win proxys out of my league too. Normally i'm use to seeing all the IP and MAc stuff when i type ipconfig /all so i'm at a loss on how to turn them off.
zHENGER which computer for the 192? How do i check this ICF I guess i'll try that port scan.
I used GFI LAngaurd and i scanned my router and gives me the result of 80 HTTP so beleave this is set right.
Hi
First three comments:
1. ICF
You really should check settings of the "ICF", the Internet Connection Firewall,
or simply XP firewall. You are doing this by right-clicking on the network neighboorhood
icon, right-click on Local Area Connection, and continue as stated before:
Quote:
Do not forget, that you might
have activated the XP firewall on the LAN connection. You can configure it as needed
by enabling the box at LAN.properties.advanced.settings."Web Server (HTTP)".
2. WINS
WINS[1] resolves NetBIOS names. We here deal with IP-addresses,
so it doesn't matter. The WINS proxy helps to resolve NetBIOS
names for non-WINS clients. You can turn it on/off - it does not
matter here.
3. DMZ[2]
At the moment, the problem is that not even clients in the same subnet can
connect to the server. So let's forget about DMZ, since they usually deal
with two different subnets: Simplified, Internet <-> DMZ <-> LAN. Leave that
DMZ entry blank for the moment.
Setup
Forget about the router, because we usually do not need to route
if the clients/servers belong to the same physical network and subnet.
I assume the setup:
- server: 192.168.1.10
- client: 192.168.1.100
a) ICMP
Allow for all ICMP traffic. Try to be able to Ping the server from the client
first! If you cannot control this, you won't be able to control the traffic
of the webserver.
b) TCP
Client-firewall:
TCP Outgoing,
Local endpoint: Port/Range ~1024-5000
Remote endpoint: 192.168.1.10, Port 80
Server-firewalls (also ICF: click enable WebServer):
TCP Incoming
Local endpoint: Port 80
Remote endpoint: 192.168.1.100, Port/Range ~1024-5000
Note, that this setup looks strange (a client does not connect toQuote:
My options were
application-(i didn't put anything here)
Start- 80
End-80
Protocol-both (options of TCP UDP both)
Ip address 192.168.1.(my last three digits)
a webserver on 80 from Port 80.).
Cheers
[1] http://www.serverwatch.com/tutorials...le.php/2193041
[2] www.giac.org/practical/gsec/Scott_Young_GSEC.pdf
Alright Sec_Ware
1. Taken care of ICF no firewall
2. Leaving WINS alone. It's not like i wouldn've know what to do with it anyways.
3. DMZ- I set the setting to disable.
Setup.
WHen you assume those two IP addresses are you just using them as an example or do they really need to be thouse IPs?
a)I've run outta time but i'll try to finish up your ideas Sec_Ware. Thank you very much!Quote:
They can both ping themselves. The Server can ping the host. but the host can not ping the server.
Hi
The IPs do not need to be like that. I used them
as an example since it is always advantageous to "fix the ideas".
Once you have solved the Ping-Problem (which is a firewall-problem
only, I guess), you will realise what is needed to establish a working
connection. Based on your description, it looks like the server does not
respond to the ping request. So "there is something" :) to be solved.
You are very welcome. Keeping things like this actively in mindQuote:
Thank you very much!
is always good.
Cheers.
Your router is configued right to be start 80 end 80. This isn't the source and destination ports, its so you can specify ranges.
I'm going to make an example here and you can apply it to your personal network.
Server 192.168.1.50
Workstation 192.168.1.100
You said you can get to the page from the server using 127.0.0.1. Next step would be to try to get to it from the server using 192.168.1.50. If that works try getting to it via 192.168.1.50 from the workstation. Since both PCs are on the same LAN the router doesn't come into play. The router only matters for connectivity from outside your network. Hopefully this is what you planned.
As far as the portscan goes, from the workstation, portscan the 192.168.1.50 address. This will tell you if the machine itself is listening on that port.
Well i'm still at school and this is killing me that i'm not at home to work on this.
So haven't been able to try the rest of yours stuff Sec_ware but zENGER I've tried (Useing your example) 192.168.1.50 and it doesn't work. There inlies my problem.
This seems to have gotten a little off track my goal in getting this to work is to run a webpage and forum using my computer as a server. I think theres been some confusion since i've been using a "client" computer coneected on my lan to test the server setup.
I would venture to guess that if you portscan the server its not going to be listening on port 80. You have verified that the ICF is off and that you don't have any other firewalls running.
You don't by chance has more than one NIC in your computer? It sounds to me like apache isn't bound to the NIC card. I've never installed apached on a windows box so I don't know how to make this happen but I would assume its somewhere in the config files. Maybe someone here has more experience with apache on windows.
Another thing you might try is from the command prompt of the server type "netstat -a". This will tell you what ports your computer is listening on. If you see apache listening on port 80 then this is correct. If not then that means apache isn't in effect, "turned on".
You might want to look into this idea. You can visit http://www.securityfocus.com/tools/139/scoreit and get a copy of netcat for windows. Use this utility to listen on port 80 on your server and then from the workstation see if you can connect, or even portscan the box and see if port 80 is open then. If this doesn't work then its a firewall issue. If this does work then its an apache issue. Make sure you disable apache before starting netcat.
As far as getting off track, once you get the box servicing the web page locally then you can worry about getting it to service via the internet. Have to take baby steps.