1. Store
  2. Apps
  3. Hardware
  4. Support
  5. Solutions

ClearFoundation

Forums
Welcome, Guest
Port Forward an Apache Server port in ClearOS
(1 viewing) 1 Guest
Go to bottomPage: 1
TOPIC: Port Forward an Apache Server port in ClearOS
#8958
Port Forward an Apache Server port in ClearOS 4 Years ago  
Hi,

I have a ClearOS configured as Firewall / Webserver, now I have one of the client connected to it with bare CentOS 5.4 and Zoneminder following this guide. I used IP cameras to ease the installation.

Now the problem is for the life of me, I can't port forward the ZM installation to ClearOS to be accessed publicly.

I tried adding a new entry in Port Forwarding page in ClearOS as follows but it doesn't work:

Nickname - - - - - - - - Service - - - Protocol - - From Port - -To Port - - To IP
Camera-Server - - - - - - - HTTP - - - - -TCP - - - - - 1024 - - - - - - - 80 - - - - 10.0.10.2

I also opened port 1024 in the INCOMING page under Firewall.


My simple network layout

myserver.poweredbyclear.com : 1024 / zm (dns url with desired port to use)
^
10.0.10.1 (LAN Static IP under ClearOS' IP settings)
^
10.0.10.2 : 80 / zm (separate virtual machine / installation)


Any help will be highly appreciated! Thanks!
cyberjorge
cyberjorge
Senior Boarder
Posts: 47
graphgraph
User Offline Click here to see the profile of this user
Last Edit: 2010/04/06 04:26 By cyberjorge.
The administrator has disabled public write access.
 
#8967
Re: Port Forward an Apache Server port in ClearOS 4 Years ago  
Hi cyberjorge.

I think I remember reading somewhere that when portforwarding, you want to keep the external firewall (as in port 1024) closed as there seems to be some automagic happening when using the portforwarding options.

Why the portforwarding range?

I'd only portforward port 1024, unless you know you need that range pointing to 10.0.10.2. By this logic, then you should also close port 80 on 10.0.10.1 and portforward it to your 10.0.10.2 install.

I know when setting up a virtual machine running apache on a different port behind my ClearOS gateway, I only P.F the port I configured apache to run on to the virtual machine. I left port 80 open in the firewall and the apache installation on the gateway and virtual machine running on port: 8888 worked without problems.
kbricked
Platinum Boarder
Posts: 431
graphgraph
User Offline Click here to see the profile of this user
Last Edit: 2010/04/06 06:21 By kbricked.
The administrator has disabled public write access.
 
#8973
Re: Port Forward an Apache Server port in ClearOS 4 Years ago  
Hi deadkatz,

I just used 1024 since my port 80 is already being used by my external firewall, but I can change it to anything as long as I can connect to my 10.0.10.2:80 which is behind the firewall.

I tried changing the Listen port in my 10.0.10.2 apache installation but it refuse to listen to the port I provided so I'm forced to use 80 which I think may conflict with my external firewalls' webserver.

Base on my setup can you guide me to port forward 10.0.10.2 with a more layman's term on the context of ClearOS being the external server with webserver activated.

Thanks!
cyberjorge
cyberjorge
Senior Boarder
Posts: 47
graphgraph
User Offline Click here to see the profile of this user
The administrator has disabled public write access.
 
#8974
Re: Port Forward an Apache Server port in ClearOS 4 Years ago  
Example:

Internet --> Modem -- > [ClearOS Gateway/Firewall/Webserver] -->Switch --> LAN Clients - {VM's}

{I have some virtual machines running on my LAN Clients.}

As I have a web server running on port 80 on my [ClearOS web server], port 80 is open in the firewall.

I also have a {VM web server}. This web server needs to use a different port other than 80 as all traffic on 80 gets intercepted by the [Gateway web server], and as such I've configured the apache httpd.conf on the {VM web server} to use port 8888 instead of port 80.

Once you edit the apache conf files, be sure to restart the server.

ClearOS
service httpd restart
CentOS
/sbin/service httpd restart

My firewall on my [ClearOS web server] remains the same, and I only PF port 8888 to the internal IP of my {VM web server}

My address for my other web server is hxxp://mydomain:8888.

soooo...

then:

Internet--> Modem--> [ClearOS Gateway with IP 10.0.10.1]--> {Virtual Machine with 10.0.10.2 IP}

If you have a web server already running on 10.0.10.1, I'm pretty sure you'll need to change the ports apache works on in the 10.0.10.2 machine.

Log into your [ClearOS Gateway], leave port 80 open in your firewall, and portforward the ports that you've configured within your VM to the 10.0.10.2 address.

I've never used ZM before, and only have a little experience with running one web server behind another one. I'm sure there are other ways, but this is by far the simplest.

This is about all I can offer. If you need more help, maybe someone with more experience can help you on your way.
kbricked
Platinum Boarder
Posts: 431
graphgraph
User Offline Click here to see the profile of this user
Last Edit: 2010/04/06 10:27 By kbricked.
The administrator has disabled public write access.
 
#8986
Re: Port Forward an Apache Server port in ClearOS 4 Years ago  
I just used 1024 since my port 80 is already being used by my external firewall, but I can change it to anything as long as I can connect to my 10.0.10.2:80 which is behind the firewall. Port 80 is only used by your external firewall (in respects to a ClearOS Gateway) if you're running a web server with the default configuration; listening on port 80 for http requests.

If you're NOT using another web server on your Gateway, I'm pretty sure you can disable the port 80 on the gateway firewall, and portforward port 80 to your 10.0.10.2 machine, and changing the ports apache listens to on your 10.0.10.2 machine is not necessary. This applies if you're using ClearOS as your external firewall.(?)
kbricked
Platinum Boarder
Posts: 431
graphgraph
User Offline Click here to see the profile of this user
Last Edit: 2010/04/07 08:08 By kbricked.
The administrator has disabled public write access.
 
Go to topPage: 1
  get the latest posts directly to your desktop