I installed today the Suse Enterprise Server 32-bit as a VM on a VMWare
ESXi server. Then:
I installed on it a product (IBM Rational Team Concert) that I
configured to listen both on ports 14443 (https) and 14080 (http).
I assigned a fixed IP address to the Suse Enterprise server
I configured my router to forward the incoming request to ports 14443
and 14080 to the SuSE server
I configured a dynamic domain name service to assign a specific
domain name to my router IP public address
When, being local on the SuSE server, if I access the product using the
web browser pointing to a service running on port 14443; no probs. When,
being on another physical workstation connected to the same LAN as teh
SUSE server, trying to access the same service running on port 14443; if
I use the IP address of the server, it is ok. But as soon as I try to
connect to it using the public (Internet) address or URI of the router
(that should redirect requests) it fails. I’ve the impression the SuSE
server does not allow incoming requests on port 14443 or 14080 when
tehse request are relayed by the router. So, what should I do in order
to allow the SuSE sever accept incoming requests on these ports when the
source is not issued from 192.168.x.x (local) machine but instead from
Internet?
A machine getting requests via your router should not see them as coming
from the Internet but rather from the router itself so your suspicion
about it disliking Internet-sourced traffic should not apply. What may
apply is a DNS issue; you explicitly mentioned another machine on your
LAN could access these ports via IP address but did not mention DNS or
hostname; if DNS/hostname work that would be useful to know about, even
from within your LAN.
It may also be useful to know exactly how the service shows up in
netstat as a listening service. Let’s get the output of the following
commands from your server:
ip addr
ip route
grep -v ‘^#’ /etc/resolv.conf
netstat -planet | grep 'LISTEN ’
Testing the ports with netcat would also be useful from your other LAN
machine:
netcat -zv ip.address.goes.here 14080 14443
Finally, if nothing else stands out after posting all of that we may
want to see how tcpdump sees things differently depending on the connection:
sudo /usr/sbin/tcpdump -n -s 0 -i eth0 port 14080 or port 14443
One suspicion I have is that your router was told to forward to a DNS
name rather than an IP address and if that DNS name does not resolve to
the IP address within your network then anything coming through the
router will fail, while accessing it from the LAN by IP address will
work as you described.
I assigned a fixed IP address to the Suse Enterprise server
I configured my router to forward the incoming request to ports
14443 and 14080 to the SuSE server[/color]
Did you assign your router LAN address as the default gateway for Suse
server?
This is the most common problem with port forwarding, because your Suse
server will send its reply for packets with internet addresses to
default gateway.