Re: Cannot reach my own web server using dynamic IP

From: Kristofer Gafvert (kgafvert_at_NEWSilopia.com)
Date: 06/01/04

  • Next message: Kristofer Gafvert: "Re: automate update of new ip address for virtual website" 
    Date: Tue, 1 Jun 2004 10:29:52 +0200

    Hello,

    Can you access the website from the local machine and/or your intranet? If
    so, IIS seems to be working okay. In this case, please verify that you have
    not installed any firewall, and that this firewall blocks all ports that you
    are trying to use.

    Please also verify that your ISP does not block multiple ports. It is
    possible that they do this. 

    -- 
Regards,
Kristofer Gafvert - IIS MVP
http://www.ilopia.com - When you need help!
"Terry" <a165287@yahoo.com> wrote in message
news:7a3cf1b5.0405301655.5b300151@posting.google.com...
> [Warning: Network Newbie]
>
> Hi,
>
> Running Windows 2000 Professional and using IIS, network card present,
> no local network, ISP connection through dialup modem. My computer is
> called 'modesto'.
>
> A few months ago, I was able to give my dynamic IP address to a friend
> and he would connect to my website over the Internet. We did this a
> couple of times (I'd give him the fresh IP via chat each time).
>
> Now this is no longer possible and I don't know why. I can reach my
> website just fine by typing: http://localhost or http://127.0.0.1. But
> if I, or anyone else on the net tries to connect to http://
> IP>, it just 'waits forever'. I can ping that dynamic IP just fine
> too.
>
> Somebody suggested that my ISP may block port 80... so I set up my
> site on port 81, also tried 99 but no dice.
>
> I'd be very grateful for any help or hints you could provide. I posted
> here because I think it's related to IIS setup or something. Thanks.
>
>
> ----
> Config info follows..
> ----
>
> ipconfig /all
>
> Configuration IP de Windows 2000
>
>         Nom de l'hôte . . . . . . . . . . : modesto
>         Suffixe DNS principal . . . . . . :
>         Type de noud. . . . . . . . . . . : Diffuser
>         Routage IP activé . . . . . . . . : Non
>         Proxy WINS activé . . . . . . . . : Non
>
> PPP carte Connexion SprintISP :
>
>         Suffixe DNS spéc. à la connexion. :
>         Description . . . . . . . . . . . : WAN (PPP/SLIP) Interface
>         Adresse physique. . . . . . . . . : 00-53-45-00-00-00
>         DHCP activé . . . . . . . . . . . : Non
>         Adresse IP. . . . . . . . . . . . : 149.99.165.43
>         Masque de sous-réseau . . . . . . : 255.255.255.255
>         Passerelle par défaut . . . . . . : 149.99.165.43
>         Serveurs DNS. . . . . . . . . . . : 207.107.254.9
>                                             204.50.251.17
>         NetBIOS sur Tcpip . . . . . . . . : Désactivé
>
>
> netstat -NA
>
> Proto  Adresse locale         Adresse distante       Etat
> TCP    0.0.0.0:80             0.0.0.0:0              LISTENING
> TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
> TCP    0.0.0.0:443            0.0.0.0:0              LISTENING
> TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
> TCP    0.0.0.0:1025           0.0.0.0:0              LISTENING
> TCP    0.0.0.0:1027           0.0.0.0:0              LISTENING
> TCP    0.0.0.0:1433           0.0.0.0:0              LISTENING
> TCP    0.0.0.0:2401           0.0.0.0:0              LISTENING
> TCP    0.0.0.0:2776           0.0.0.0:0              LISTENING
> TCP    0.0.0.0:2933           0.0.0.0:0              LISTENING
> TCP    0.0.0.0:2934           0.0.0.0:0              LISTENING
> TCP    0.0.0.0:2938           0.0.0.0:0              LISTENING
> TCP    0.0.0.0:2939           0.0.0.0:0              LISTENING
> TCP    0.0.0.0:2940           0.0.0.0:0              LISTENING
> TCP    0.0.0.0:2941           0.0.0.0:0              LISTENING
> TCP    0.0.0.0:2942           0.0.0.0:0              LISTENING
> TCP    127.0.0.1:80           127.0.0.1:2933         ESTABLISHED
> TCP    127.0.0.1:1028         0.0.0.0:0              LISTENING
> TCP    127.0.0.1:2400         0.0.0.0:0              LISTENING
> TCP    127.0.0.1:2400         127.0.0.1:2401         ESTABLISHED
> TCP    127.0.0.1:2401         127.0.0.1:2400         ESTABLISHED
> TCP    127.0.0.1:2933         127.0.0.1:80           ESTABLISHED
> TCP    149.99.165.43:80       149.99.165.43:2934     CLOSE_WAIT
> TCP    149.99.165.43:2915     66.241.216.199:21      TIME_WAIT
> TCP    149.99.165.43:2920     66.241.216.199:20      TIME_WAIT
> TCP    149.99.165.43:2927     66.241.216.199:20      TIME_WAIT
> TCP    149.99.165.43:2934     149.99.165.43:80       FIN_WAIT_2
> TCP    149.99.165.43:2936     149.99.165.43:80       TIME_WAIT
> TCP    149.99.165.43:2938     66.241.216.199:80      FIN_WAIT_2
> TCP    149.99.165.43:2939     66.241.216.199:80      FIN_WAIT_2
> TCP    149.99.165.43:2940     66.241.216.199:80      FIN_WAIT_2
> TCP    149.99.165.43:2941     66.241.216.199:80      FIN_WAIT_2
> TCP    149.99.165.43:2942     192.168.0.95:1433      SYN_SENT
> UDP    0.0.0.0:445            *:*
> UDP    0.0.0.0:1434           *:*
> UDP    0.0.0.0:3456           *:*
> UDP    149.99.165.43:500      *:*
> UDP    149.99.165.43:4500     *:*
>
>
> Contents of windows\system32\drivers\etc\host
> 127.0.0.1 localhost
> 127.0.0.1 modesto
  • Next message: Kristofer Gafvert: "Re: automate update of new ip address for virtual website"

    Relevant Pages

    • RE: IM Programs
      ... want to block these ports. ... you don't need an explicit deny for the other ports. ... Access-list 101 deny any tcp any any eq 5000 ... >Now, when applying these to your firewall, make sure the number ...
      (Security-Basics)
    • Re: IIS / Web Services Security threats
      ... > believe the weblogic designated ports are open in firewall. ... > Sec configuration may make the network little secure. ... >>> My security team thinks allowing communication between the two IIS ...
      (microsoft.public.dotnet.framework.webservices)
    • Re: Very good break in
      ... IIS is not running on this machine. ... netBIOS ports are blocked at the edge. ... of course there are no iis logs. ... just installing patches is not enough to secure a computer... ...
      (microsoft.public.win2000.security)
    • Re: Advanced Client and MP Policies
      ... Verify that the Task Scheduler is enabled. ... Verify that the SMS Agent Host service is running. ... Verify that the SQL Server has named pipes enabled. ... If you are using the IIS lockdown tool on your IIS 5 servers be sure ...
      (microsoft.public.sms.admin)
    • Re: What should I block out with my new firewall software?
      ... >> block out that I don't use or need, like UDP or TCP. ... >> activity or attempts from outside hackers to penetrate these ports. ... never stop svchost from comunnicating on the Internet. ... > Web updates, as far as I know, are downloaded the same way that ...
      (comp.security.firewalls)