Remote access of any kind not working!!!

Discussion in 'macOS' started by stevegut78, May 23, 2008.

  1. stevegut78 macrumors member

    Joined:
    Feb 1, 2008
    #1
    Hey guys, I'm having a bitch of a problem trying to access my mac mini from the internet. This isn't just the typical "I don't know how to setup my router" thing. I'm a network admin and I've done this sort of stuff for over 10years professionally on an enterprise level. Here's my scenario:

    Linksys WRT54G v5 wireless router (port forwarding setup for VNC, SSH, HTTP & Tomcat) Also, added the mac IP to the DMZ just to make sure

    Mac Mini 1.83Ghz - Firewall disabled (out of desperation) all sharing turned on (static IP set)

    I can access my mac from other computers on my local network. Can't access my mac via ip or dynamic dns from anywhere on the internet.

    I've tried another router (Belkin) and also flashed DD-WRT onto my Linksys at one point to see if the firmware on my router was the culprit. Also, plugged the mac mini into my router via ethernet instead of wireless with the same crap result. It's pretty frustrating. I refuse to pay $99 for a .mac account. I personally think it's ridiculous that Apple crippled screen sharing so that it won't work across the internet. Plus, I would like to test some apache/tomcat things that I've been working on.

    Any ideas?
     
  2. Mashiach macrumors regular

    Mashiach

    Joined:
    Mar 5, 2008
    Location:
    In a House Near the Sea
    #2
    This might not be what your wanting to do but........
    I am assuming your Mac mini can access the internet for everyday use.
    Have you tried Logmein.com By installing the client on the mac you want to access you can be anywhere in the world and access your mac, this means your looking at it's screen as well.
     
  3. yellow Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #3
    Seems more likely that the port forwarding on the router is incorrect.
     
  4. stevegut78 thread starter macrumors member

    Joined:
    Feb 1, 2008
    #4
    I don't see how it could be... That's pretty simple:

    Ports 80, 8080, 22 and my VNC port all fwd to 192.168.1.103
    And to make double sure, I put 192.168.1.103 in the DMZ. Of course, I tried it in other combinations, (no DMZ, port forwarding turned off -with the IP in the DMZ).
     
  5. yellow Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #5
    Except that it doesn't work from outside the network, but does from inside the network, which points to the Mac being fine, but the router/NAT/port forwarding being wrong.

    So, what happens when you ssh from a box outside the network?
     
  6. stevegut78 thread starter macrumors member

    Joined:
    Feb 1, 2008
    #6
    Absolutely, If I wasn't sure about my router config, that's the first thing I would think as well. Especially, since I've pretty much isolated the problem to the router. But I can assure you the router config is correct.

    Ironically, I can SSH now... Just did it, I didn't change anything. Web still nothing....
     
  7. yellow Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #7
    OK, so port forwarding works for ssh, but not web (or VNC, I take it).

    Apacheworks on the ineternal network?

    http://192.168.1.103
    http://192.168.1.103:8080

    But when you use your external IP (NOT DynDNS), what happens?

    Anything relevant in the logs on the Mac?
    Anything relevant in the logs on the router?
     
  8. stevegut78 thread starter macrumors member

    Joined:
    Feb 1, 2008
    #8
    I don't believe it, VNC is now working. I dont know if it's because I changed the port last night and maybe it was just a fluke that it did not work my first try this morning from the office.

    I just had an idea that it is very possible my ISP (cablevision) is blocking port 80 & 8080 traffic. My next thing will be to put Apache on a different port and see how that flies.
    And yes Apache works internally.
     
  9. yellow Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #9
    You're probably right. Unless you pay for a business class net connect, they probably block the http ports.
     
  10. aristobrat macrumors G4

    Joined:
    Oct 14, 2005
    #10
    My internet provider blocks incoming port 80 and 25, so no matter how perfectly I have my router setup, it ain't happening.

    Also, if you're testing this from home by trying to hit your external address, some router configs will not let you NAT out and then come back in.
     
  11. stevegut78 thread starter macrumors member

    Joined:
    Feb 1, 2008
    #11
    Moved Apache to port 8888 for kicks...No dice...I'm at work trying from 2 separate networks...I think cablevision might actually be smart and block traffic by packet header. So no matter what port I switch Apache to, it's not going to work... Hmmmm
     
  12. Le Big Mac macrumors 68020

    Le Big Mac

    Joined:
    Jan 7, 2003
    Location:
    Washington, DC
    #12
    Port 5900 for VNC, no?

    BTW, I've found linksys routers to be squirelly on port forwarding, but I surely have less experience than you.
     
  13. kkat69 macrumors 68020

    kkat69

    Joined:
    Aug 30, 2007
    Location:
    Atlanta, Ga
    #13
    Sounds like it might be your ISP. I often run my TightVNC and use the default port and it works great with hardly any custom config. I have comcast and they do block the http ports.

    I think your theory might be correct. They're probably smart blocking.
     
  14. TheSpaz macrumors 604

    TheSpaz

    Joined:
    Jun 20, 2005
    #14
    Are you running the latest security update? I had SSH problems after running the first Security update and then I installed Security update V2 and SSH worked after. Just a thought.
     
  15. stevegut78 thread starter macrumors member

    Joined:
    Feb 1, 2008
    #15
    My VNC is on a nonstandard port and that finally worked. I thought getting Apache on port 8888 would work but no dice. I could live without the HTTP I guess. I could always hit localhost from my browser in the VNC.

    It's funny, I've had cable modem since the mid 90's and never experienced a ISP blocking traffic. I've had comcast and now cablevision.
     
  16. yellow Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #16
    It's becoming more and more common as computer users are becoming more and more savvy (read: able to use google) to circumvent the outdated rules put in place by ISPs. With the explosion of P2P/torrent, it's in the ISP's best interest to spend some cash to help keep their bandwidth clear.
     
  17. stevegut78 thread starter macrumors member

    Joined:
    Feb 1, 2008
    #17
    Yeah I could understand that. I've read stories of people even having their upstream capped at speeds like 128kbps because they were "using too much bandwidth" on P2P... I have always been a little cautious when doing any P2P downloading, but I do enjoy the 1500+Kbps I get and would hate to go back to the dinosaur age of 128k.
     
  18. yellow Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #18
    Try buying a house and being stuck with dial-up as your only viable, reasonably priced internet connection! :(

    I feel like I'm back in college every time I hear the modem squelch. :mad:
     
  19. stevegut78 thread starter macrumors member

    Joined:
    Feb 1, 2008
    #19
    OUCH! man that must suck. Or maybe not...You must be in a pretty remote area. That could be nice :)
    Not even cell service with data as an option is available? I have used my blackberry as a modem via bluetooth and it works pretty good. Speeds are pretty damn fast too (Verizon). I think I was getting 300kbps last time I tried it.
     
  20. yellow Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #20
    I've got the same, but the coverage is terrible (most reliable network, my ass). I can go from 2 bars (data & voice) to 0 bars to 1 bar to 0 bars in the space of 5 minutes. And if it's a cloudy day.. forget it.
     
  21. aristobrat macrumors G4

    Joined:
    Oct 14, 2005
    #21
    Woah, my partners parents live in a rural location and had the same issue when trying to use Sprint to get on the Internet.

    They ended up getting a little Yagi directional antenna that they could plug into their phone. Made the connection go from 0-1 bars to full signal (well, once they pointed it at the tower correctly).

    Now they consistently get 1.2mbps down and 300-400kbps up. A lot better than dialup, although it costs a bit more (~$60/month).
     
  22. yellow Moderator emeritus

    yellow

    Joined:
    Oct 21, 2003
    Location:
    Portland, OR
    #22
    Yagi antenna.. interesting. My wife would plotz though if I had to hand that on the house. Wish my BB had a spot for an antenna plug.
     

Share This Page