Localhost website not accessible from Public IP despite port forwarding

My tiny office has 1 router, which is connected to ADSL line on one end and my laptop on other end. In office, laptop’s local IP is 192.168.1.2.

On office router, I have setup port (22) forwarding for SSH access. I also have DuckDNS script that allows me to ssh -v -t -L 5900:localhost:5900 myname.duckdns.org into my office laptop whenever I want.

I followed the same port-forwarding procedure to configure my router to forward Port 8082 to 192.168.1.2 (TCP, WAN interface is pppoe2). I ran a python/nodejs http server listening on 0.0.0.0:8082.

If I try to access my newly spun server from public IP I get timeout. This is the problem. I can SSH into my remote machine, but website hosted on it doesn’t work

Steps tried:

I take remote desktop of office laptop (using port 5900 for x11 forwarding) and find that firefox can open localhost:8082, 127.0.0.1:8082 and 192.168.1.2:8082 properly.

I tried shutting down extra services like gogs and nginx (which was listening on port 80 even though I didn’t tell it to) via systemctl, but still no luck.

Further, curl http://PUBLIC_IP:8082 gives different outputs:

  1. At home, in my Cmder I get curl: (7) Failed to connect to PUBLIC_IP port 8082: Timed out
  2. However, in SSH terminal (i.e. of remote machine), I get curl: (7) Failed to connect to PUBLIC_IP port 8082: Connection refused

Why is connection refused?

Thanks to @davidgo, I tried

$   sudo tcpdump -vv -i enp7s0 | grep 8082 tcpdump: listening on enp7s0, link-type EN10MB (Ethernet), capture size 262144 bytes 

If I curl localhost:8082 or 192.168.1.2:8082 I see 200 on server logs but I don’t see any output in the above command.
But if I curl PUBLIC_IP:8082 from

  1. inside SSH session I get
    duckDNSsubDomain.40626 > abts-north-dynamic-031.P3.P2.P1.airtelbroadband.in.8082: Flags [S], cksum 0x469a (incorrect -> 0x84f5), seq 18095393, win 64240, options [mss 1460,sackOK,TS val 2474578357 ecr 0,nop,wscale 7], length 0     abts-north-dynamic-031.P3.P2.P1.airtelbroadband.in.8082 > duckDNSsubDomain.40626: Flags [R.], cksum 0x8cea (correct), seq 0, ack 18095394, win 0, length 0 

and a quick connection refused complain by curl (BTW my public IPv4 looks like P1.P2.P3.31.

  1. And if I do the same curl from my home computer I see
    157.32.251.70.50664 > duckDNSsubDomain.8082: Flags [S], cksum 0x299d (correct), seq 132055921, win 64240, options [mss 1370,nop,wscale 8,nop,nop,sackOK], length 0     157.32.251.70.50664 > duckDNSsubDomain.8082: Flags [S], cksum 0x299d (correct), seq 132055921, win 64240, options [mss 1370,nop,wscale 8,nop,nop,sackOK], length 0     157.32.251.70.50664 > duckDNSsubDomain.8082: Flags [S], cksum 0x299d (correct), seq 132055921, win 64240, options [mss 1370,nop,wscale 8,nop,nop,sackOK], length 0     157.32.251.70.50664 > duckDNSsubDomain.8082: Flags [S], cksum 0x299d (correct), seq 132055921, win 64240, options [mss 1370,nop,wscale 8,nop,nop,sackOK], length 0     157.32.251.70.50664 > duckDNSsubDomain.8082: Flags [S], cksum 0x299d (correct), seq 132055921, win 64240, options [mss 1370,nop,wscale 8,nop,nop,sackOK], length 0  

and curl fails with timeout.

Now I am guessing my ISP doesn’t like random ports. So I tried hosting my webserver on port 80. Again, localhost and 192.186.1.2 work as expected but http://PUBLIC_IP:80/ opens up router control panel 🙁

So I try hosting it on a well-known port that’s not 80 or 443. I choose 21 (FTP), use sudo to run webserver listening on 0.0.0.0:21 but firefox/chrome don’t let me open it and curl hangs for a while before failing with a timeout.

IIS forwarding from one computer to SQL Server on another computer

I’m a newbie in the system administration. There are tons of tutorials how to make port forwarding using your home router. So I can easily make SQL Server, installed to my computer, available outside by forwarding everything that comes to the router port 1433. Router:port 1433 –> Computer with SQL Server

But how to do that if I do not have a router (or access to it)?

I have an Azure VM with IIS (I host a website there). I have another Azure VM with SQL Server on it (this another VM is on the LAN with my VM with IIS. I do not have access to the VM that makes the routing for this LAN.

So my task is to make SQL Server available via internet to specified IP address using IIS.

There are tons of videos how to make url forwarding for IIS and no articles or videos for PORT FORWARDING.

Task: I have an address (blabla.dididi.com). I want to call it on port 1433 and get access to SQL Server installed to the computer on the same LAN. IIS:port 1433==>SQL Server on another VM

Could you please give me a link to the article or video with detailed instructions on how to do that? Or write the answer with detailed instructions. Thanks.

Domain forwarding

I’m trying to get back into this as I’ve found a personal use.

I have 2 domains. One is hosted with google domains and the other with namecheap.

I dont really care which one I use as the primary or if I even end up using 2 for my purposes.

I would like to be able to do sub.domain.com and have it hit a IP using a certain port. Google domains will let me do this from 1 domain to another but it shows the hand off. So I go to sub.domain.com and it shows my redirect in the address bar as domain2.com:1234.

I want it to just stay in the address bar as sub.domain.com but hit my IP using the specific port and do a different port for a different sub.

I have an ssl cert rolling on 1 domain and google will make one on the other one easily.

I think I need a SRV record but I cant seem to get it to work.

Any help is appreciated.

Do I need port forwarding for msfconsole remote target exploitation

I was running a series of test attacks on my virtual test machine. Here i had to set the RHOST option to the Ip-address of the target and LHOST to the Ip-address of my local machine. I am certain that this works well locally because both machines would be on the same private network, with private ip addresse. But what if i had my linux machine(not vm) connected to my phone which is serving as a router. If i ran such an attack on a machine on the internet, RHOST would be the public Ip-address of the target machine; i am skeptical as to what ip address i would put for my LHOST option; can i just use my private ip address(given to my linux from my phone hotspot) as this option or do i have to type in the public ip-address for my phone. And if i do have to put in my phone’s public IP is port forwarding needed in such a case or it would work just fine?

Understanding forwarding tables in LAN transparent bridging

enter image description here

I am having some trouble understanding how transparent bridging works. With this diagram, I am told that:

After initialization (none of the transparent bridges has state information), the following six frames are sent: 1: A -> D 2: B -> A 3: C -> B 

I don’t really get what A->D actually means. A frame is being sent from A to D? Or are these both frames?

By definition, I know that whenever a frame is received, we add an entry to the forwarding database (if it does not yet exist).These are the forwarding tables after the exchange of the 3 frames but I don’t understand how they’re derived exactly. Any example would be helpful.

enter image description here

ngrok port forwarding not working

I am currently using ngrok for port forwarding. I am interested in gaining access to my android phone which is connected through mobile network. I am using kali linux in virtual machine and connected through nat network (i am not using wireless adopter). Now, after starting ngrok when I am creating a msfvenom payload for android the LHOST= ip of ngrok tunnel LPORT=ngrok port In msfconsole LHOST= 0.0.0.0 LPORT= 4444. But this is not working. I don’t know what is wrong.