Access web server behind router from outside and inside of the network with same address












0














I have a router with external public static IP address, and behind the router, I have a web server with static IP (internal address).



I was configured in the router to forward port 80 to the web server, and when I access the public IP from outside, its work.
When I try to access from inside the network I got router interface login page.



I need a way to access the web server with same address URL from inside and outside of the network










share|improve this question






















  • You will need a router that supports NAT Reflection/NAT Loopback/NAT Hairpinning. Most consumer grade routers don't.
    – DavidPostill
    Sep 17 '17 at 17:13








  • 1




    In the router, if you have loop-back enabled and remote maintenance disabled, you should be able to use your public IP from inside your network. It's particularly useful when you have different ports forwarded to different servers: inside the network you need to use the different local IP addresses. @DavidPostill - This crossed with your comment, but it has worked for me with most of my (consumer-grade) routers. It may depend on the ISP.
    – AFH
    Sep 17 '17 at 17:21






  • 1




    You could register a domain that redirects users to your static ip address and for the users inside your network you set up a dns server that redirects to the internal address.
    – SpiderPig
    Sep 17 '17 at 17:21










  • @AFH I wasn't aware of that (fiddling with loop-back) but then I've never had a need to do it. When I'm developing websites I develop/test initially on internal servers and then upload the code to an external server and test there. I've only done small personal websites ...
    – DavidPostill
    Sep 17 '17 at 17:28


















0














I have a router with external public static IP address, and behind the router, I have a web server with static IP (internal address).



I was configured in the router to forward port 80 to the web server, and when I access the public IP from outside, its work.
When I try to access from inside the network I got router interface login page.



I need a way to access the web server with same address URL from inside and outside of the network










share|improve this question






















  • You will need a router that supports NAT Reflection/NAT Loopback/NAT Hairpinning. Most consumer grade routers don't.
    – DavidPostill
    Sep 17 '17 at 17:13








  • 1




    In the router, if you have loop-back enabled and remote maintenance disabled, you should be able to use your public IP from inside your network. It's particularly useful when you have different ports forwarded to different servers: inside the network you need to use the different local IP addresses. @DavidPostill - This crossed with your comment, but it has worked for me with most of my (consumer-grade) routers. It may depend on the ISP.
    – AFH
    Sep 17 '17 at 17:21






  • 1




    You could register a domain that redirects users to your static ip address and for the users inside your network you set up a dns server that redirects to the internal address.
    – SpiderPig
    Sep 17 '17 at 17:21










  • @AFH I wasn't aware of that (fiddling with loop-back) but then I've never had a need to do it. When I'm developing websites I develop/test initially on internal servers and then upload the code to an external server and test there. I've only done small personal websites ...
    – DavidPostill
    Sep 17 '17 at 17:28
















0












0








0


1





I have a router with external public static IP address, and behind the router, I have a web server with static IP (internal address).



I was configured in the router to forward port 80 to the web server, and when I access the public IP from outside, its work.
When I try to access from inside the network I got router interface login page.



I need a way to access the web server with same address URL from inside and outside of the network










share|improve this question













I have a router with external public static IP address, and behind the router, I have a web server with static IP (internal address).



I was configured in the router to forward port 80 to the web server, and when I access the public IP from outside, its work.
When I try to access from inside the network I got router interface login page.



I need a way to access the web server with same address URL from inside and outside of the network







networking wireless-networking router port-forwarding






share|improve this question













share|improve this question











share|improve this question




share|improve this question










asked Sep 17 '17 at 17:05









Netanel Stern

32




32












  • You will need a router that supports NAT Reflection/NAT Loopback/NAT Hairpinning. Most consumer grade routers don't.
    – DavidPostill
    Sep 17 '17 at 17:13








  • 1




    In the router, if you have loop-back enabled and remote maintenance disabled, you should be able to use your public IP from inside your network. It's particularly useful when you have different ports forwarded to different servers: inside the network you need to use the different local IP addresses. @DavidPostill - This crossed with your comment, but it has worked for me with most of my (consumer-grade) routers. It may depend on the ISP.
    – AFH
    Sep 17 '17 at 17:21






  • 1




    You could register a domain that redirects users to your static ip address and for the users inside your network you set up a dns server that redirects to the internal address.
    – SpiderPig
    Sep 17 '17 at 17:21










  • @AFH I wasn't aware of that (fiddling with loop-back) but then I've never had a need to do it. When I'm developing websites I develop/test initially on internal servers and then upload the code to an external server and test there. I've only done small personal websites ...
    – DavidPostill
    Sep 17 '17 at 17:28




















  • You will need a router that supports NAT Reflection/NAT Loopback/NAT Hairpinning. Most consumer grade routers don't.
    – DavidPostill
    Sep 17 '17 at 17:13








  • 1




    In the router, if you have loop-back enabled and remote maintenance disabled, you should be able to use your public IP from inside your network. It's particularly useful when you have different ports forwarded to different servers: inside the network you need to use the different local IP addresses. @DavidPostill - This crossed with your comment, but it has worked for me with most of my (consumer-grade) routers. It may depend on the ISP.
    – AFH
    Sep 17 '17 at 17:21






  • 1




    You could register a domain that redirects users to your static ip address and for the users inside your network you set up a dns server that redirects to the internal address.
    – SpiderPig
    Sep 17 '17 at 17:21










  • @AFH I wasn't aware of that (fiddling with loop-back) but then I've never had a need to do it. When I'm developing websites I develop/test initially on internal servers and then upload the code to an external server and test there. I've only done small personal websites ...
    – DavidPostill
    Sep 17 '17 at 17:28


















You will need a router that supports NAT Reflection/NAT Loopback/NAT Hairpinning. Most consumer grade routers don't.
– DavidPostill
Sep 17 '17 at 17:13






You will need a router that supports NAT Reflection/NAT Loopback/NAT Hairpinning. Most consumer grade routers don't.
– DavidPostill
Sep 17 '17 at 17:13






1




1




In the router, if you have loop-back enabled and remote maintenance disabled, you should be able to use your public IP from inside your network. It's particularly useful when you have different ports forwarded to different servers: inside the network you need to use the different local IP addresses. @DavidPostill - This crossed with your comment, but it has worked for me with most of my (consumer-grade) routers. It may depend on the ISP.
– AFH
Sep 17 '17 at 17:21




In the router, if you have loop-back enabled and remote maintenance disabled, you should be able to use your public IP from inside your network. It's particularly useful when you have different ports forwarded to different servers: inside the network you need to use the different local IP addresses. @DavidPostill - This crossed with your comment, but it has worked for me with most of my (consumer-grade) routers. It may depend on the ISP.
– AFH
Sep 17 '17 at 17:21




1




1




You could register a domain that redirects users to your static ip address and for the users inside your network you set up a dns server that redirects to the internal address.
– SpiderPig
Sep 17 '17 at 17:21




You could register a domain that redirects users to your static ip address and for the users inside your network you set up a dns server that redirects to the internal address.
– SpiderPig
Sep 17 '17 at 17:21












@AFH I wasn't aware of that (fiddling with loop-back) but then I've never had a need to do it. When I'm developing websites I develop/test initially on internal servers and then upload the code to an external server and test there. I've only done small personal websites ...
– DavidPostill
Sep 17 '17 at 17:28






@AFH I wasn't aware of that (fiddling with loop-back) but then I've never had a need to do it. When I'm developing websites I develop/test initially on internal servers and then upload the code to an external server and test there. I've only done small personal websites ...
– DavidPostill
Sep 17 '17 at 17:28












1 Answer
1






active

oldest

votes


















0














As suggested in the comments to your question, you have several options:




  • See if you router supports NAT Hairpinning (also referred to as NAT Loopback or NAT Reflection per @DavidPostill) and whether it might need to be enabled (per @AFH).


  • If your router does not support hairpinning, buy a new one that does. This feature is semi-common in modern day consumer-grade routers but you will still likely want to do a bit of research before making any new purchase.


  • It may be possible to upgrade the router with Linux-based firmware such Tomato, DD-WRT or OpenWRT which can allow hairpinning (but this is likely a very technical endeavor).


  • As suggested by @SpiderPig, you can set up your own private DNS server on your internal network. This route is a bit more technical (and unnecessary if hairpinning can be enabled) but is probably the safer of the two technical solutions.



Private DNS Requirements



While there are obviously different steps for different network configurations, the principles for working around a lack of hairpinning with the last solution are the same:




  • Configure the external version of your domain with a DNS server that does not otherwise directly provide services for your internal version of that domain (likely DNS provided by your Registrar or 3rd-party services such as Namecheap FreeDNS).


  • Configure a separate DNS server (such as ISC BIND) for your internal network which handles your domain locally. That is, create an entry for your domain on that server and point it towards the correct internal web server IP. You can then have your internal computers use this local DNS server for domain resolution.



The reason this setup works is because non-internal queries are going through one (external) DNS provider (which has your public IP) while internal queries go through a second (i.e. the local DNS server with your private IP).



It is probably worth mentioning that besides "regular" domains, this option will also likely work for many "Dynamic DNS" providers as well (where the provider automatically satisfies the first requirement).





Note that both Namecheap FreeDNS and BIND are currently free and thus very cost-effective.





Basics With BIND



I going to assume that you have your domain configured with your Registrar to use DNS servers you do not control. In this instance, you likely do not need to take additional steps to meet the first requirement listed above.



Regarding the second requirement (your local network setup), I wrote a pretty thorough explanation on the basics of getting BIND working on Windows with a local domain a while back.



As for the choice of which computer to use as a local DNS server, the only real requirement is that it be ON consistently (as it will be needed for domain resolution). Outside of that stipulation, you can pretty much pick whichever computer on the network you like (even the web server itself).



Answer Notes



In my answer linked above, there are definitely a few spots you can ignore (mostly the WAMP stuff). Otherwise, the setup detailed there is the basic setup you need locally for your domain. For your situation, the few things that need to be altered are:




  1. Substitute your own (external) domain for the "free.goodies" example domain.


  2. Make sure any other miscellaneous items match your set up (e.g. installation paths, IP addresses, file names, rndc secret, etc.)



  3. Make sure to uncomment the line for "forwarders" in "named.conf" (i.e. remove the hash #):



          forwarders { 8.8.8.8; 8.8.4.4; };



Note that the last item is absolutely necessary so your local network can contact non-local domains (i.e. the rest of the internet other than your domain). The specific IPs listed are functional as-is (they are Google's Public DNS servers) but you can substitute any others you like as well (including those of your ISP).



You still need to make sure to configure your local computers and router to use your local DNS server (as detailed near the end of the linked answer).



Linux Notes



If you are using Linux, you can of course choose to install files from the ISC BIND website. However, as an alternative, many distributions of Linux come with BIND already installed or available through their respective repositories.



As far as a local DNS server is concerned, there are a number of good net tutorials for different distributions. But the principle is the same -- set up a local DNS server to access your domain entirely from the local network (without needing the internet).



Caveats




  • Successfully accessing your domain locally will not always mean it will be accessible externally. You will always need to test external access with a network that doesn't use your router (e.g. your phone connected through its data plan).


  • There are some potential risks involved in running a DNS server and specifically in emulating domains with TLDs such as .com or .net. While it is possible to do so (as outlined here), you may want to consider researching any potential pitfalls.







share|improve this answer























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "3"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: true,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: 10,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1251190%2faccess-web-server-behind-router-from-outside-and-inside-of-the-network-with-same%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    1 Answer
    1






    active

    oldest

    votes








    1 Answer
    1






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    0














    As suggested in the comments to your question, you have several options:




    • See if you router supports NAT Hairpinning (also referred to as NAT Loopback or NAT Reflection per @DavidPostill) and whether it might need to be enabled (per @AFH).


    • If your router does not support hairpinning, buy a new one that does. This feature is semi-common in modern day consumer-grade routers but you will still likely want to do a bit of research before making any new purchase.


    • It may be possible to upgrade the router with Linux-based firmware such Tomato, DD-WRT or OpenWRT which can allow hairpinning (but this is likely a very technical endeavor).


    • As suggested by @SpiderPig, you can set up your own private DNS server on your internal network. This route is a bit more technical (and unnecessary if hairpinning can be enabled) but is probably the safer of the two technical solutions.



    Private DNS Requirements



    While there are obviously different steps for different network configurations, the principles for working around a lack of hairpinning with the last solution are the same:




    • Configure the external version of your domain with a DNS server that does not otherwise directly provide services for your internal version of that domain (likely DNS provided by your Registrar or 3rd-party services such as Namecheap FreeDNS).


    • Configure a separate DNS server (such as ISC BIND) for your internal network which handles your domain locally. That is, create an entry for your domain on that server and point it towards the correct internal web server IP. You can then have your internal computers use this local DNS server for domain resolution.



    The reason this setup works is because non-internal queries are going through one (external) DNS provider (which has your public IP) while internal queries go through a second (i.e. the local DNS server with your private IP).



    It is probably worth mentioning that besides "regular" domains, this option will also likely work for many "Dynamic DNS" providers as well (where the provider automatically satisfies the first requirement).





    Note that both Namecheap FreeDNS and BIND are currently free and thus very cost-effective.





    Basics With BIND



    I going to assume that you have your domain configured with your Registrar to use DNS servers you do not control. In this instance, you likely do not need to take additional steps to meet the first requirement listed above.



    Regarding the second requirement (your local network setup), I wrote a pretty thorough explanation on the basics of getting BIND working on Windows with a local domain a while back.



    As for the choice of which computer to use as a local DNS server, the only real requirement is that it be ON consistently (as it will be needed for domain resolution). Outside of that stipulation, you can pretty much pick whichever computer on the network you like (even the web server itself).



    Answer Notes



    In my answer linked above, there are definitely a few spots you can ignore (mostly the WAMP stuff). Otherwise, the setup detailed there is the basic setup you need locally for your domain. For your situation, the few things that need to be altered are:




    1. Substitute your own (external) domain for the "free.goodies" example domain.


    2. Make sure any other miscellaneous items match your set up (e.g. installation paths, IP addresses, file names, rndc secret, etc.)



    3. Make sure to uncomment the line for "forwarders" in "named.conf" (i.e. remove the hash #):



            forwarders { 8.8.8.8; 8.8.4.4; };



    Note that the last item is absolutely necessary so your local network can contact non-local domains (i.e. the rest of the internet other than your domain). The specific IPs listed are functional as-is (they are Google's Public DNS servers) but you can substitute any others you like as well (including those of your ISP).



    You still need to make sure to configure your local computers and router to use your local DNS server (as detailed near the end of the linked answer).



    Linux Notes



    If you are using Linux, you can of course choose to install files from the ISC BIND website. However, as an alternative, many distributions of Linux come with BIND already installed or available through their respective repositories.



    As far as a local DNS server is concerned, there are a number of good net tutorials for different distributions. But the principle is the same -- set up a local DNS server to access your domain entirely from the local network (without needing the internet).



    Caveats




    • Successfully accessing your domain locally will not always mean it will be accessible externally. You will always need to test external access with a network that doesn't use your router (e.g. your phone connected through its data plan).


    • There are some potential risks involved in running a DNS server and specifically in emulating domains with TLDs such as .com or .net. While it is possible to do so (as outlined here), you may want to consider researching any potential pitfalls.







    share|improve this answer




























      0














      As suggested in the comments to your question, you have several options:




      • See if you router supports NAT Hairpinning (also referred to as NAT Loopback or NAT Reflection per @DavidPostill) and whether it might need to be enabled (per @AFH).


      • If your router does not support hairpinning, buy a new one that does. This feature is semi-common in modern day consumer-grade routers but you will still likely want to do a bit of research before making any new purchase.


      • It may be possible to upgrade the router with Linux-based firmware such Tomato, DD-WRT or OpenWRT which can allow hairpinning (but this is likely a very technical endeavor).


      • As suggested by @SpiderPig, you can set up your own private DNS server on your internal network. This route is a bit more technical (and unnecessary if hairpinning can be enabled) but is probably the safer of the two technical solutions.



      Private DNS Requirements



      While there are obviously different steps for different network configurations, the principles for working around a lack of hairpinning with the last solution are the same:




      • Configure the external version of your domain with a DNS server that does not otherwise directly provide services for your internal version of that domain (likely DNS provided by your Registrar or 3rd-party services such as Namecheap FreeDNS).


      • Configure a separate DNS server (such as ISC BIND) for your internal network which handles your domain locally. That is, create an entry for your domain on that server and point it towards the correct internal web server IP. You can then have your internal computers use this local DNS server for domain resolution.



      The reason this setup works is because non-internal queries are going through one (external) DNS provider (which has your public IP) while internal queries go through a second (i.e. the local DNS server with your private IP).



      It is probably worth mentioning that besides "regular" domains, this option will also likely work for many "Dynamic DNS" providers as well (where the provider automatically satisfies the first requirement).





      Note that both Namecheap FreeDNS and BIND are currently free and thus very cost-effective.





      Basics With BIND



      I going to assume that you have your domain configured with your Registrar to use DNS servers you do not control. In this instance, you likely do not need to take additional steps to meet the first requirement listed above.



      Regarding the second requirement (your local network setup), I wrote a pretty thorough explanation on the basics of getting BIND working on Windows with a local domain a while back.



      As for the choice of which computer to use as a local DNS server, the only real requirement is that it be ON consistently (as it will be needed for domain resolution). Outside of that stipulation, you can pretty much pick whichever computer on the network you like (even the web server itself).



      Answer Notes



      In my answer linked above, there are definitely a few spots you can ignore (mostly the WAMP stuff). Otherwise, the setup detailed there is the basic setup you need locally for your domain. For your situation, the few things that need to be altered are:




      1. Substitute your own (external) domain for the "free.goodies" example domain.


      2. Make sure any other miscellaneous items match your set up (e.g. installation paths, IP addresses, file names, rndc secret, etc.)



      3. Make sure to uncomment the line for "forwarders" in "named.conf" (i.e. remove the hash #):



              forwarders { 8.8.8.8; 8.8.4.4; };



      Note that the last item is absolutely necessary so your local network can contact non-local domains (i.e. the rest of the internet other than your domain). The specific IPs listed are functional as-is (they are Google's Public DNS servers) but you can substitute any others you like as well (including those of your ISP).



      You still need to make sure to configure your local computers and router to use your local DNS server (as detailed near the end of the linked answer).



      Linux Notes



      If you are using Linux, you can of course choose to install files from the ISC BIND website. However, as an alternative, many distributions of Linux come with BIND already installed or available through their respective repositories.



      As far as a local DNS server is concerned, there are a number of good net tutorials for different distributions. But the principle is the same -- set up a local DNS server to access your domain entirely from the local network (without needing the internet).



      Caveats




      • Successfully accessing your domain locally will not always mean it will be accessible externally. You will always need to test external access with a network that doesn't use your router (e.g. your phone connected through its data plan).


      • There are some potential risks involved in running a DNS server and specifically in emulating domains with TLDs such as .com or .net. While it is possible to do so (as outlined here), you may want to consider researching any potential pitfalls.







      share|improve this answer


























        0












        0








        0






        As suggested in the comments to your question, you have several options:




        • See if you router supports NAT Hairpinning (also referred to as NAT Loopback or NAT Reflection per @DavidPostill) and whether it might need to be enabled (per @AFH).


        • If your router does not support hairpinning, buy a new one that does. This feature is semi-common in modern day consumer-grade routers but you will still likely want to do a bit of research before making any new purchase.


        • It may be possible to upgrade the router with Linux-based firmware such Tomato, DD-WRT or OpenWRT which can allow hairpinning (but this is likely a very technical endeavor).


        • As suggested by @SpiderPig, you can set up your own private DNS server on your internal network. This route is a bit more technical (and unnecessary if hairpinning can be enabled) but is probably the safer of the two technical solutions.



        Private DNS Requirements



        While there are obviously different steps for different network configurations, the principles for working around a lack of hairpinning with the last solution are the same:




        • Configure the external version of your domain with a DNS server that does not otherwise directly provide services for your internal version of that domain (likely DNS provided by your Registrar or 3rd-party services such as Namecheap FreeDNS).


        • Configure a separate DNS server (such as ISC BIND) for your internal network which handles your domain locally. That is, create an entry for your domain on that server and point it towards the correct internal web server IP. You can then have your internal computers use this local DNS server for domain resolution.



        The reason this setup works is because non-internal queries are going through one (external) DNS provider (which has your public IP) while internal queries go through a second (i.e. the local DNS server with your private IP).



        It is probably worth mentioning that besides "regular" domains, this option will also likely work for many "Dynamic DNS" providers as well (where the provider automatically satisfies the first requirement).





        Note that both Namecheap FreeDNS and BIND are currently free and thus very cost-effective.





        Basics With BIND



        I going to assume that you have your domain configured with your Registrar to use DNS servers you do not control. In this instance, you likely do not need to take additional steps to meet the first requirement listed above.



        Regarding the second requirement (your local network setup), I wrote a pretty thorough explanation on the basics of getting BIND working on Windows with a local domain a while back.



        As for the choice of which computer to use as a local DNS server, the only real requirement is that it be ON consistently (as it will be needed for domain resolution). Outside of that stipulation, you can pretty much pick whichever computer on the network you like (even the web server itself).



        Answer Notes



        In my answer linked above, there are definitely a few spots you can ignore (mostly the WAMP stuff). Otherwise, the setup detailed there is the basic setup you need locally for your domain. For your situation, the few things that need to be altered are:




        1. Substitute your own (external) domain for the "free.goodies" example domain.


        2. Make sure any other miscellaneous items match your set up (e.g. installation paths, IP addresses, file names, rndc secret, etc.)



        3. Make sure to uncomment the line for "forwarders" in "named.conf" (i.e. remove the hash #):



                forwarders { 8.8.8.8; 8.8.4.4; };



        Note that the last item is absolutely necessary so your local network can contact non-local domains (i.e. the rest of the internet other than your domain). The specific IPs listed are functional as-is (they are Google's Public DNS servers) but you can substitute any others you like as well (including those of your ISP).



        You still need to make sure to configure your local computers and router to use your local DNS server (as detailed near the end of the linked answer).



        Linux Notes



        If you are using Linux, you can of course choose to install files from the ISC BIND website. However, as an alternative, many distributions of Linux come with BIND already installed or available through their respective repositories.



        As far as a local DNS server is concerned, there are a number of good net tutorials for different distributions. But the principle is the same -- set up a local DNS server to access your domain entirely from the local network (without needing the internet).



        Caveats




        • Successfully accessing your domain locally will not always mean it will be accessible externally. You will always need to test external access with a network that doesn't use your router (e.g. your phone connected through its data plan).


        • There are some potential risks involved in running a DNS server and specifically in emulating domains with TLDs such as .com or .net. While it is possible to do so (as outlined here), you may want to consider researching any potential pitfalls.







        share|improve this answer














        As suggested in the comments to your question, you have several options:




        • See if you router supports NAT Hairpinning (also referred to as NAT Loopback or NAT Reflection per @DavidPostill) and whether it might need to be enabled (per @AFH).


        • If your router does not support hairpinning, buy a new one that does. This feature is semi-common in modern day consumer-grade routers but you will still likely want to do a bit of research before making any new purchase.


        • It may be possible to upgrade the router with Linux-based firmware such Tomato, DD-WRT or OpenWRT which can allow hairpinning (but this is likely a very technical endeavor).


        • As suggested by @SpiderPig, you can set up your own private DNS server on your internal network. This route is a bit more technical (and unnecessary if hairpinning can be enabled) but is probably the safer of the two technical solutions.



        Private DNS Requirements



        While there are obviously different steps for different network configurations, the principles for working around a lack of hairpinning with the last solution are the same:




        • Configure the external version of your domain with a DNS server that does not otherwise directly provide services for your internal version of that domain (likely DNS provided by your Registrar or 3rd-party services such as Namecheap FreeDNS).


        • Configure a separate DNS server (such as ISC BIND) for your internal network which handles your domain locally. That is, create an entry for your domain on that server and point it towards the correct internal web server IP. You can then have your internal computers use this local DNS server for domain resolution.



        The reason this setup works is because non-internal queries are going through one (external) DNS provider (which has your public IP) while internal queries go through a second (i.e. the local DNS server with your private IP).



        It is probably worth mentioning that besides "regular" domains, this option will also likely work for many "Dynamic DNS" providers as well (where the provider automatically satisfies the first requirement).





        Note that both Namecheap FreeDNS and BIND are currently free and thus very cost-effective.





        Basics With BIND



        I going to assume that you have your domain configured with your Registrar to use DNS servers you do not control. In this instance, you likely do not need to take additional steps to meet the first requirement listed above.



        Regarding the second requirement (your local network setup), I wrote a pretty thorough explanation on the basics of getting BIND working on Windows with a local domain a while back.



        As for the choice of which computer to use as a local DNS server, the only real requirement is that it be ON consistently (as it will be needed for domain resolution). Outside of that stipulation, you can pretty much pick whichever computer on the network you like (even the web server itself).



        Answer Notes



        In my answer linked above, there are definitely a few spots you can ignore (mostly the WAMP stuff). Otherwise, the setup detailed there is the basic setup you need locally for your domain. For your situation, the few things that need to be altered are:




        1. Substitute your own (external) domain for the "free.goodies" example domain.


        2. Make sure any other miscellaneous items match your set up (e.g. installation paths, IP addresses, file names, rndc secret, etc.)



        3. Make sure to uncomment the line for "forwarders" in "named.conf" (i.e. remove the hash #):



                forwarders { 8.8.8.8; 8.8.4.4; };



        Note that the last item is absolutely necessary so your local network can contact non-local domains (i.e. the rest of the internet other than your domain). The specific IPs listed are functional as-is (they are Google's Public DNS servers) but you can substitute any others you like as well (including those of your ISP).



        You still need to make sure to configure your local computers and router to use your local DNS server (as detailed near the end of the linked answer).



        Linux Notes



        If you are using Linux, you can of course choose to install files from the ISC BIND website. However, as an alternative, many distributions of Linux come with BIND already installed or available through their respective repositories.



        As far as a local DNS server is concerned, there are a number of good net tutorials for different distributions. But the principle is the same -- set up a local DNS server to access your domain entirely from the local network (without needing the internet).



        Caveats




        • Successfully accessing your domain locally will not always mean it will be accessible externally. You will always need to test external access with a network that doesn't use your router (e.g. your phone connected through its data plan).


        • There are some potential risks involved in running a DNS server and specifically in emulating domains with TLDs such as .com or .net. While it is possible to do so (as outlined here), you may want to consider researching any potential pitfalls.








        share|improve this answer














        share|improve this answer



        share|improve this answer








        edited Dec 13 at 14:34

























        answered Sep 18 '17 at 9:27









        Anaksunaman

        5,16821222




        5,16821222






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Super User!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.





            Some of your past answers have not been well-received, and you're in danger of being blocked from answering.


            Please pay close attention to the following guidance:


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1251190%2faccess-web-server-behind-router-from-outside-and-inside-of-the-network-with-same%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            flock() on closed filehandle LOCK_FILE at /usr/bin/apt-mirror

            Mangá

            Eduardo VII do Reino Unido