0
  • I use windows10
  • I already open port on my router admin page (Advanced Port Forwarding).
  • Windows firewall Disabled
  • Even if i setup DMZ Address for my LAN 192.168.0.12 my public address not works.

I wanna open simple port 80 or any other. I started xamp or nodejs http server....

Router page port Forwarding: 87.116.162.229 is my public address.

Local   External
IP Address  Start Port  End Port    IP Address  Start Port  End Port    Protocol    Description Enabled         
192.168.0.12    8080    8083    0.0.0.0  8080   8083    BOTH    CUSTOM 8080 Yes     
192.168.0.12    443     443     0.0.0.0  443    443 TCP APACHE  Yes     
192.168.0.12    80      80      0.0.0.0  80 80  TCP HTTP    Yes

Fact: My computer use TPLINK wifi with router !

Browser response : This site can’t be reached

I access without problem on my LAN http://192.168.0.12

Any suggestion ? I already open ports it is not my first time....

I test with 12000 port same situation.

I FOUND ON FORUMS that i have CG-NAT. It means it is restricted !

Thanks for information !!

Nikola Lukic
  • 101
  • 3
  • 1
    It's often one or both of the two: (1) [CGNAT](https://superuser.com/a/1688912/432690), (2) lack of [hairpin NAT](https://superuser.com/q/135366/432690). When you say "it is not my first time", do you mean you have done this with the same router, same ISP, same LAN, same local computer? Do these previously configured forwardings still work? What exact port are you trying to forward now? Please [edit] and add details. – Kamil Maciorowski Apr 20 '22 at 14:07
  • I am not sure! , My computer use TPLINK wifi with router ! Maybe this can be stack! – Nikola Lukic Apr 20 '22 at 14:30
  • 80? See this: [ISP blocking port 80](https://superuser.com/q/106122/432690). A possibility. – Kamil Maciorowski Apr 20 '22 at 14:37
  • 1
    The PC's firewall should not be disabled and **it should never be placed into a router's DMZ** - your PC will be exploited in this configuration _(it's not a matter of if, but when - a router's DMZ disables the router's stateful firewall for any devices in the DMZ - it's a lazy, insecure option OEM's include within their firmware rather than posting how to correctly allow devices through the firewall)_. Correct way to do this is to DNAT a port other than 80 on your router to the server's port 80 running on the PC and configure inbound and outbound rules for the traffic on the PC's firewall. – JW0914 Apr 20 '22 at 14:51
  • I understand i just try it... – Nikola Lukic Apr 20 '22 at 14:55
  • @NikolaLukic If you allow WAN traffic to your PC in this configuration, the only way to 100% ensure it hasn't been exploited afterwards is formatting every drive connected to it and reinstalling the OS - this is at the top of things to _never_ do. Do it the right way the first time - it takes all of five minutes to correctly configure what you want. – JW0914 Apr 20 '22 at 14:58
  • By default XAMP server only works with localhost, not your LAN IP address as protection. Ensure that you can at least access your webpage through your LAN IP Address, otherwise accessing it from the WAN will never work. – LPChip Apr 20 '22 at 15:08
  • It is CG-NAT !! – Nikola Lukic Apr 20 '22 at 15:17

0 Answers0