Can't access server from home ip

Operating system: CentOS Linux 7.9.2009
Webmin version: 1.962
Usermin version: 1.812
Virtualmin version: 6.14
Authentic theme version: 19.62
Firewall version: ConfigServer Security & Firewall 14.08

This does not really belong here but I have been pulling my hair out trying to solve this issue and I can’t find anything close on the net or when I have spoken with my ISP. I am hoping that someone might recognize the issue and have a simple solution that I am overlooking.

The issue is that I am unable to connect to my home server when I am at home using my home network. Everything works fine when I am on any other network and that includes using a VPN from my home.

The setup has my home devices on one IP address (provided by my ISP) and my server on a different IP address (provided by the same ISP and using the ISP's 2-port router/modem).
The two different IPs are being delivered via the ISP’s router/modem that is in bridge mode. The server is connected directly to the router/modem and the home network is connected to the other port on the router/modem using a Bitdefender Box to provide the WIFI and internal IPs for all home devices.
ISP -> modem/router -> ip(1)-> Server (wired)
ISP -> modem/router -> ip(2)-> Bitdefender Box -> home network (wireless)
IPs are delivered via DHCP from the ISP (I have a script that updates my IP address on the server and alters my DNS settings at my domain registrar).
My home IP address is whitelisted in my server firewall.

I have disabled all firewalls without success.
I have attached a computer directly to the IP2 coming from the modem/router (to bypass any internal network issues) without success.
My server name sometimes gets changed to an ISP server name if the DHCP-delivered IP changes so, thinking that might be the issue, I have ensured that it is actually using my proper server name (DNS is all correct) but that does not solve the issue.
I have not been able to find any of my server logs that show me an error.

Any suggestions as to what might be causing this, logs to check etc.?
Any help would be greatly appreciated.

@ksihota,

Sounds like an interesting dilemma. Drop me a PM if you want to discuss further.

Best Regards,
Peter Knowles | TPN Solutions

Most home routers don’t have the ability to route back on themselves. You can either get a better router that can route in either direction, or connect to the server via the local IP when on your local network.

Edit: It’s a side effect of NAT, I’d assume.

Thanks for the reply.
I assumed that the request would go out to my ISP and then would come back in. Since the router/modem was providing 2 IPs separately I figured they were not talking to each other at that point.
I can’t replace their hardware so I guess I am stuck using the VPN if that is the case.

Hi Peter,
Vancouver?
I’m in Victoria so it’s a Shaw setup at home.
It’s a home server that holds all my photos and family files that I make available to my siblings and relatives around the country so I can’t afford to put any money into it. VPN will work at home and everyone else connects without an issue, it’s just a PITA for me.
If you have any ideas or are familiar with how the Shaw setup works and know how it can be addressed I would like to hear it.
Thanks for taking the time to respond.
Kim

@ksihota,

If you get a business account which comes with a static and dynamic IP address, you could set up your server with the static IP (not using DHCP), then let your WiFi pick up the dynamic IP address (using DHCP).

You’ll need to place a switch between your modem and server/wifi router for this to work.

Once you manually configure the static IP on the server, you’ll need to reboot the modem so it knows you’re using the static IP for that device.

I have a setup similar to this, though I’m using a slightly more advanced setup.

Good luck!

Best Regards,
Peter Knowles | TPN Solutions

Get rid of Bitdefender. That stuff is pure garbage and will mess you up in ways you can’t even imagine.

Thanks Peter,
Shaw Business accounts are too expensive for me. I tried getting a 2nd IP from Telus for residential but they said they can only give me 1 for residential so I was stuck with Shaw.
I guess it is Shaw’s modem/router that is causing the issue or the setup on their side. I figured that if I had 2 IPs (different subnets from Shaw) that they would behave as two different systems but I guess not. Something must be blocking the signal from crossing over.
Maybe I need to push them to give me a 2nd modem/router to deliver the other IP. I wonder if that would work. Of course they would probably charge me an arm and a leg. :grimacing:

I know what you mean. When I tried to use the 2nd IP provided by Shaw I found that I had to switch their modem/router into bridge mode. With the model they gave me, it meant that the device was no longer able to provide me with WIFI for my home network (bridge mode disabled the WIFI capabilities). I was going to purchase a good WIFI router to take over that job when I saw the Bitdefender Box. Since it had that capability built in as well as their security I thought I would give it a try. I found out that it is a PITA to configure and very limited in what I can actually do in the setup. It is also only configurable using a phone, which drives me nuts. Once my subscription is done I’ll be looking for alternatives.
As far as the IP communications problem, I don’t believe the Bitdefender Box is the issue as I have removed the device and connected a computer directly to the Shaw modem/router (using 1 of the Shaw IPs) and the computer is still not able to connect to the server.
As a shot in the dark, I am currently trying to set my registrar’s DNS servers as custom DNS on the box hoping that might help, but the interface will not allow me to type anything into the fields in the phone. Still waiting for support from Bitdefender to give me a fix for that. :roll_eyes:

@ksihota,

While you’d need to set up a means for updating your IP from time to time, you could go out and buy a “cheap” switch to sit between your modem and server/wifi router.

Then reboot your modem, which should see the “server” as one device (giving it one of the IPs) and the “wifi router” as a second device (giving it the other IP).

All devices behind your wifi router would get “internal” IPs issued by the router, while the “server” and “wifi router” itself would be issued “public” IPs from Shaw.

In this setup, you’d need to rely on the firewall in Linux to protect your server, as it wouldn’t have a router to protect it from the outside world.

Also, make sure your Shaw modem is set up in bridged mode so it doesn’t try to assign “private” IPs as a router.

Best Regards,
Peter Knowles | TPN Solutions

Peter, AFAIK that is the basic setup I already have. The only difference is that the Shaw modem/router has 2 cabled ports. Port 1 provides IP1 and Port 2 provides IP2. I already have it in bridged mode. I also have a script on my server that checks its IP and, if it changes, signals my registrar to change the DNS. This has been working fine. Occasionally I have to manually make a change to the IP setting in Webmin if it doesn’t update automatically but that isn’t a problem right now.
IP1 (wired) goes to my server and I have CSF set up on my server as the firewall.
IP2 goes to the Bitdefender Box (wired) which then provides an internal network (WIFI) that handles all internal devices in the house. The Bitdefender device and software handle protection to that network.
The two IPs from Shaw are not in the same subnet class if I am understanding this properly.
These are not the real numbers but give you the idea of what I have.
IP1: 24.108.202.14
IP2: 24.108.196.133

I have a feeling that it used to work when the IPs were in the same Shaw subnet but I can’t recall for sure and I don’t have any data to back this up.
Sorry, not at home so I am not positive on the current numbers.

@ksihota,

When you run “ip addr” does the public IP address appear assigned to one of the network adapters on the server?

When you login to the bitdefender UI, does the other IP address register as the WAN IP for the router?

If you’d like, we can chat over a quick WhatsApp/Signal/Skype session and I can run a test to see what’s going on and if it’s something that can be remedied as I do use Shaw myself.

Best Regards,
Peter Knowles | TPN Solutions

Yes, both IP addresses are assigned to the corresponding devices (server and Bitdefender router) and both IPs are stable for the devices. Maybe 3 changes over 4 years or so. Usually this has happened after an extended power outage (several days).
I just tried to connect again but only using the server IP address. This time I got a certificate error displayed in Firefox. It obviously can access the server but since I am using the IP address instead of the domain name it won’t go through (doesn’t match the domains listed on the certificate). The certificate information looks correct (Let’s Encrypt with proper domain information) so maybe it’s an authentication issue, although I don’t know why it works from all outside networks and not my home Shaw one. Maybe it is a DNS issue.
Guess I’ll do some more investigating over the weekend. I’ll try removing the bitdefender box again to verify that it is not the issue.
Thanks for your ideas. I’ll keep testing things out and see if I can get any closer.
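Added example, not part of the thread or written by any of its participants: a small Python check that separates the three layers discussed above (DNS answer, TCP path to the server's address, and the TLS certificate) by connecting to the IP while presenting the domain name as SNI, so a certificate mismatch from browsing by bare IP does not mask the real cause. The hostname and address passed on the command line are the reader's own; the result codes returned by `diagnose` are names chosen for this example.

```python
import socket
import ssl
import sys

def probe(hostname, server_ip, port=443, timeout=5.0):
    """Check DNS, TCP and TLS separately, always connecting to server_ip."""
    res = {"dns": [], "tcp": False, "tls": None}
    try:
        infos = socket.getaddrinfo(hostname, port, proto=socket.IPPROTO_TCP)
        res["dns"] = sorted({info[4][0] for info in infos})
    except socket.gaierror:
        pass  # name does not resolve from this network
    try:
        sock = socket.create_connection((server_ip, port), timeout=timeout)
    except OSError:
        return res  # no TCP path to the address: nothing more to test
    res["tcp"] = True
    ctx = ssl.create_default_context()
    try:
        # Connect by IP, but send the hostname as SNI and verify against it.
        with ctx.wrap_socket(sock, server_hostname=hostname):
            res["tls"] = "ok"
    except ssl.SSLCertVerificationError as exc:
        res["tls"] = "certificate: " + exc.verify_message
    except (ssl.SSLError, OSError) as exc:
        res["tls"] = "handshake: " + str(exc)
    finally:
        sock.close()
    return res

def diagnose(res, server_ip):
    """Map a probe result to the first layer that failed."""
    if not res["tcp"]:
        return "unreachable"    # routing or firewall between the two addresses
    if res["tls"] != "ok":
        return "tls-failed"     # reachable, but certificate or handshake problem
    if not res["dns"]:
        return "dns-missing"    # server is fine; the name does not resolve here
    if server_ip not in res["dns"]:
        return "dns-mismatch"   # name resolves to a different address from here
    return "ok"

if __name__ == "__main__":
    name, ip = sys.argv[1], sys.argv[2]
    outcome = probe(name, ip)
    print(outcome, "->", diagnose(outcome, ip))
```

Running it once from the home network and once over the VPN, with the same hostname and server address, shows which layer differs between the two paths.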