Public ip address can't be used locally to access hosted websites

I have snow leopard server and I have successfully set up the server to be accessible via a public static ip address. Im hosting some test websites, and cannot access those sites locally using the public ip address, only using the private ip address. However, externally, I can access the sites using the public ip address.
In other words, while I'm at the office, I can only view the sites using the private ip address and not the public ip address. However, while I'm at home I can see the sites using the public ip address.
Why can't I access the public ip address locally?
I'm new to os x server ... New to any kind of server for that matter, so please keep explanations simple.
I'm at a serviced office, and the router here is not mine and I have no control over it. Some IT company manages it for the site, and they weren't very helpful. The basically told me there's nothing they can do and blamed Mac os x server - since they could just wash their hands of the matter since they don't deal with macs.
I was told by someone else, that this is common issue with some routers and that they could fix the issue on their end, but don't want to do it for what ever reason.
I could simply access the sites using the private ip address, but I'd rather use the public one as this is currently causing issues with some of the software we're using.
Any ideas how to resolve this?

The IT company (shock, horror) apparently doesn't understand IP routing, or didn't understand what you were asking. This case has nothing to do with Mac OS X nor Mac OS X Server, and everything to do with the capabilities of the gateway box.
I'm here going to refer to the firewall / gateway / router / DHCP server / box at the edge of your network as a gateway, because I really don't want to type all that stuff each time I describe this box. Your particular box might or might not be capable of all that.
Why? Likely because your particular gateway device is not capable of detecting and reflecting the connections back toward the target server.
IP routing. In small words.
If an IP address is within a range of IP addresses designated by the subnet mask, the packet goes directly to the target host.
If an IP address is not within that range, the packet is sent to the gateway.
The gateway will then send the packet to the next router on the way to the target. With a typical low cost firewall gateway box, that next router is likely the ISP's routers. With a somewhat higher-end box and with a smarter router within the gateway, the packets can go to other IP routers.
If the gateway is implemented for it, the gateway router's own address(es) will be recognized, and reflected back inwards. That means the address is public IP address on the way out, and is NAT'd when reflected, and sent back at the target host via whatever local processing rules or local port-forwarding rules might be defined and present within the gateway box.
Now what usually happens here ([once you get the hang of setting up DNS services|http://labs.hoffmanlabs.com/node/1436]) is called split-horizon DNS, and that's where your public DNS domain is also mostly-duplicated as one of the domains on your LAN and thus reachable in your LAN domain, and your local DNS server in your Mac OS X Server is then configured to return a private IP address (and one within the range of addresses defined by your IP subnet mask), and which entirely bypasses your gateway and allows the packet to go directly to the target box. Put another way, with split-horizon DNS, you insinuate your LAN DNS server into the network and configure it to pass out (or spoof) IP name-to-address translations for your public DNS names, and pass out local (direct, LAN, private) IP addresses.
The other option is to see if the IT company can switch the gateway box into what's usually called "bridged" mode, or swap in a box that acts as a bridge and not a router, and to install your own gateway behind it. Not all boxes permit that, but some do.

Similar Messages

  • Public parts not allowed to be used by the access control list

    hi,
    I have 2 DCs. DC1 and DC2.  I want to use public parts of DC2 in DC1. When I try to do so in in the dependencies tab, I get the following error.
    some public parts are not allowed to be used by the access control list.
    how to resolve this error ?
    Thanks !

    Hi,
    Sorry for the delayed response ....Both ends static routes are added for the connected test interfaces.....
    Regards,
    Mahesh 

  • ICloud email address can't be used for iMessage or FaceTime

    When trying to add an @iCloud email address to the 'you can be reached at' list in iMessage/FaceTime I get an error message that says 'This email address cannot be used for iMessage'
    The primary email address I use for iCloud, iMessage and FaceTime is not an iCloud email address - would this make a difference?

    Then it's probably an alias address.  If you go to iCloud.com, launch Mail, click the gear icon on the lower left and choose preferences, then go to the accounts tab, you'll see your main address and any alias address you've created listed there (like the screenshot example below).  You won't be able to use an alias for iMessage and FaceTime, you have to use your main @icloud.com email address or add another non-Apple email address that can be verified.

  • Can WRT300N be used as an access point?

    My current network uses another company's wireless access point , but I'd like to go to an "N" speed on wireless. A store near me has the WRT300N Wireless-N broadband router on sale.  Can I use it as  an access point for my wireless computers or do I need something more specific like the WAP4400N access point.
    thanks,
    Chris

    yes..you can certainly use the wrt300n as a wireless AP .. no problem

  • How can I keep using my previous email host?

    Ok, so to give you an idea of where I am at... I have a website that is currently being hosted by a different server and recently I have purchased Creative Cloud for our media team. Well since we have purchased that subsription, I kinda fell in love with Muse and redesigned our entire website.
    Now I want to start hosting with BC, but on our previous server we have email accounts connected to our site. (For example: [email protected])
    Is there anyway to keep those email accounts after redirecting the DNS server to BC? I only know so much of this stuff and this is where it gets complicated for me.

    It's really quite simple and I would even suggest doing it.
    In your DNS settings with the company that  olds your domain name, instead of redirecting the entire DNS to the worldsecure.com domains, change just the A record in the DNS to 192.50.2.140 if you are North America. Your email will then remain just as it is with no interuption.

  • Can Automator be used to log into a website with Firefox

    Is it possible to setup Automator so that it opens Firefox and goes to a URL and then logs into a site?

    Try one of these extensions for multiple cookie sessions.
    Multifox: <br />
    http://br.mozdev.org/multifox/ <br />
    Cookie Swap extension: <br />
    https://addons.mozilla.org/firefox/3255/ <br />
    Cookie Pie extension: <br />
    http://www.nektra.com/oss/firefox/extensions/cookiepie/

  • Unable to use YouTube or access certain websites

    My wireless network is working fine - my laptop shows an excellent signal right next to the iPhone.
    BUT my iPhone is unable to either access the YouTube server or, if it can, then selected movies keep stopping after a few seconds.
    Likewise internet access is intermittent, and certain websites will not load properly.
    I have tried a complete reset of network settings - and the iPhone is showing 3 bars, and all the DHCP settings are showing (IP address etc), nut download problems continue.
    Any suggestions?

    Since this is occurring on multiple networks, Try some of the steps below that may assist you.
    1. Reboot iPhone
    *Hold down the home button & sleep/wake button together, till you see a silver apple logo then let go. Allow iPhone OS to reboot.
    Now test WiFi and Youtube
    2. Reset Network Settings
    *Settings - General - Reset - Reset Network Settings - Confirm - iPhone OS will reboot.
    Now test WiFi and Youtube
    3. Toggle Airplane Mode ON for 1 min then turn OFF.
    *Settings - Airplane Mode ON 1 min, Now turn OFF
    Now test WiFi and Youtube.
    4. Perform the following on iPhone for Safari Browser
    *Settings - Safari
    *Clear History 2 times
    *Clear Cache 2 times
    *Clear Cookies 2 times
    -Turn the following off then back on
    *Java Script
    *Plug-ins
    *Block Pop-ups
    Set accept cookies to always
    Now test WiFi and Youtube as well as your Safari.
    If you find the iPhone is still doing this. Make sure you test iPhone on an Open network as well as WiFi networks with different security types. If this continues. Then restore the iPhone.
    *Please ensure to backup all data on the iPhone before restoring. Use the following applications to store your data into. Posted in the link below.
    http://support.apple.com/kb/TS1323

  • Extended Notifications with Links while using Citrix to Access Hosted SAP

    Hello,
    I am working on a system which is hosted remotely where Citrix and Single signon are used to access the SAP instance.  I need to be able to send email to their Outlook server with executable links back to the workitems.  I had planned to use Extended Notifications to get this done.  I am fine with everything except for the Citrix link.  I am not sure whether the link in the email will be able to find its way through Citrix to the SAP instance.  I also need to know the SSO is going to work - it seems at a minimum they would need to sign on to Citrix.  Has anyone out there done this, or at least know whether it would/should/won't work?
    Thanks in advance for any help you can offer,
    Jeff Gray

    As far my knowledge, on Citrix it won't work. As far portal is concerned, it will work.
    Regards, IA

  • Multiple public IP addresses

    ASA newb here.  This question has been asked before but the configurations seem to be different so they don't really answer my question.  I think mine is pretty simple but I can't find a clear "this is what you do" answer.  I've been reading the Cisco doc's trying to figure it out but they have so many different scenarios and examples that its a little overwhelming.  Plus none of the seem to match mine 100%.
    ASA 8.4
    I have 6 public ip addresses and want to use 2 of them.  I have two servers running an application that needs port 1234 accesable externally for updates.   Can't change port numbers and obviously can't route 1234 two different places. 
    Say my range is 4.4.4.4 to 4.4.4.10.  I want to use 4.4.4.4 and 4.4.4.5.  My network currently looks like so:
    4.4.4.4 <--> ASA <--> 192.168.0.0/24
    I want:
    4.4.4.4,4.4.4.5 <--> ASA <--> 192.168.0.0/24
    Any ideas?

    none taken.
    Let me make sure i've got this right.  I'll describe what i see in ASDM.
    Line 1:  Source Intf - inside, Dest Inft - Outside, Source - server2, Destination - any, Service - tcp/1234, Source - server2-outside, Destination - --Orginal--, Service --Original--
    Line 2:  Source Intf - outside, Dest Intf - inside, Source - any, Destination - server2-outside, Service - tcp/1234, Source --Original--(S), Destination - server 2, Service --Original--
    I'm not entering your server1 info because I already have that setup and working.
    ACL:  Source - any, Destination - 192.168.1.5, Service - tcp/1234, Action - permit
    Server2 = 192.168.1.5
    Server2-Outside = 4.4.4.6 (my other external address)

  • What is the difference between Bridge Mode and sharing a public ip address?

    Hello,
    I would like to understand this difference, in general terms, and also in the context of my setup:
    I have an office inside a business center where we are assigned a fixed ip address per computer, and I don't know whether it is better to use bridge mode or to share a public ip address in order to use the benefits of the new time capsule: internet access, hard drive sharing, mobile me back to my mac? Back to my mac does not seem to be working and I get the message that I net a modem with NAT protocol bla bla bla...but I'm also not sure whether the problem is with the setup as the manufacturer claims the protocol is supported.
    Thank you for the help

    "...share a public ip address..." enables the DHCP/NAT service on the Time Capsule.
    "...bridge mode..." disables the DHCP/NAT service on the Time Capsule.

  • Using Locale in Java

    Hi guys,
    I was hoping Java Locale class can help me out wif my problem.
    I need an a class (system or engine) that can help load languages (using property files) at runtime. Basically, I will want to send a code, and I will need the engine to load the apt language form dynamically.
    I was hoping Locale class could do that.
    Am I on the wrong path?
    I will appreciate if anyone can give me a pointer on how to go ahead. Any other idea on how to go forward on internationalization of my application will be appreciated.

    I think you need to load some text at runtime based on the locale of the machine. If my understanding is correct then I would suggest you to try following code:
    ResourceBundle myResources =
          ResourceBundle.getBundle("MyResources", currentLocale);
    currentLocale can be found using Locale class. Once the language specific resouce bundle is loaded, it can be used like:
    button1 = new Button(myResources.getString("OkKey"));
    button2 = new Button(myResources.getString("CancelKey"));Make sure you have language based resources available at runtime.

  • Why can't I see the "http" on my address bar when I access a website anymore ?

    In previous version I can see the "http" when I access a website (ex: yahoo.com) Now I can't see it anymore. I want to see it on my address bar. How can I figure it out ?

    Users can revert to the old behavior by setting '''browser.urlbar.trimURLs''' to '''false''' in '''about:config'''.<br>
    <br>
    <br>
    To change this preference:<br>
    <br>
    type about:config in the Location/URL bar and press Enter.<br>
    if you see a warning, accept (promise to be careful)<br>
    Filter: browser.urlbar.trimURLs<br>
    in lower panel, double-click that item to toggle value to false<br>

  • Can I still use Aperture to buy books

    Photos does not seem to have any editing tools of note for creating Books like Aperture. If I use Aperture to create a book can I still buy one or must I use only Photos now?

    I have used iWeb without MobileMe for several years now. I use wordpress for my blog which i perfer to iWeb's blog if for no other reason than it can be updated via the iPhone/iPod Touch/iPad when on the go.
    You can continue to use iWeb to create & maintain website however, you will need to find a 3rd party webhost for your website, I have been using IX Webhosting for several years now with little to no problems "usually the problem was something I did" and they have been quick to solve any issue I have come across.
    http://jeffnitschke.com/IXWebHosting.html
    http://jeffnitschke.com/wordpress/2012/06/how-do-i-move-my-mobileme-site-ix-web- hosting-blog/

  • Can't access one website

    There is one website which I can't access.  Nothing odd about the site -- it's a client website that's full of photos I need to view & download.
    I can access the website if I plug directly to my Comcast modem.  It appears the AirPort (Extreme 802.11n) is being blocked by this website.
    I don't seem to have this problem with any other websites.
    How/what do I change on the AirPort so that this website will no block me?
    I'm on 10.6.8
    Thanks.

    SOLVED!!
    The website is Portuguese.  Here's what conspired:
    1) (from me) "Hello,  I need some very technical help (I apologize for the English).
    I am a graphic designer working on creating marketing materials for ____.  I am using your site to collect marvelous photos.
    Unfortunately, ________.com has blocked me.  I need someone to turn off this block.  I am not sure how this is done.
    The address that is blocked, is my MAC (Media Access Control) address, also known as an ethernet ID.
    That number is
    00:00:00:00:00:00
    Please let me know if you can help me, or if there is someone else I should contact."
    2) (from them) "Dear _____,
    Thank you for your e-mail.
    We already talked with a technician. He needs to know your IP. You can check it on this website - http://www.whatismyip.com"
    3) (from me, who didn't think the IP address would help, since the block was only on my Airport) "Thank you.  My ip address is 00.00.000.000
    The problem may be more specific to one device MAC address, which is 00:00:00:00:00:00"
    4) (from them) "Your ban has been lifted. You should be able to access now.
    You were automatically blocked on Fri Jul 20 19:08:41 2012 (PT time) because of 15 failed FTP login attempts in a short period of 5 minutes. Please make sure to save your password somewhere safe and don't retry failed attempts. If you misplace your password and can't access, you should contact us instead.
    May I also inform you that device MAC addresses can be blocked on local area networks (LAN). On the Internet (WAN, or Wide Area Network), we deal with gateways, which is your public IP."
    This all happened so quickly, I was SO impressed!!  I don't know how there could have been 15 FTP attempts... unless my browser was stuttering or re-trying repeatedly or something.  I was blocked after the first attempt.
    But it's fixed.  Yay!

  • Got an exception in IE11 - 'This page can't be displayed' while accessing intranet website

    Hi,
    We have published an intranet portal website to our external customers.
    Few of our website users occasionally get 'This page can't be displayed' exception while accessing our website. The HTTP request is in pending state for almost 10mins and then they get this exception. Ones they refresh - the page gets displayed
    without any issue.
    More details :
    - These users are in different LAN than the LAN on which our web-server is hosted.
    - They use IE11 on Windows 7 Operating system.
    - This exception occurs occasionally and not able to reproduce consistently. But they get it once or twice when they continuously use the website.
    - When the browser was waiting for the HTTP Response, there was no
    HTTP Request logged in our web-server.
    Below link is the network report capture when the exception happened using IE11 F12 Inspection add-on.
    IE11 F12 Network report
    Note: Earlier our users had accessed our website using IE8 and Windows XP. Now their system was upgraded to Windows7 and IE11. after which they face this issue.
    We want to find - if this is a network issue or is it an issue with the browser / OS or totally something else.
    When I searched in the net about this issue - some mentioned that this issue will not occur with Chrome or Firefox because they cache DNS and IE doesn't and relies on the OS to do the DNS caching (I am not clear about this).

    Hello Robert,
    Thanks to share  some Developing Tools to use to debug this issue.
    As we tried to capture network traces through wireshark & founds no handshake called with some certificates from IE 11 else same certificate working in Firefox on same windows 7 PC  & for some certificate which also
    created with same process and key algorithm/length working on both IE 11 & Mozilla Firefox
    Regards,
    Sumit  

Maybe you are looking for

  • Can't edit part of someone else's pdf form

    I'm trying to modify a pdf form that was made by a govt agency (why isn't important, it's basically the current example of this occurrence - I've run into this elsewhere). I'm kind of a n00b at this so I've still got alot to learn... The doc has what

  • Problem with changing hostname

    At work, I got a new Mac but seems that it was on display (turned on) at the store where it was bought from. This means that some minor low level setting are still there (even though when I started it, it showed me the welcome wizard). The problem is

  • CONTENT SERVER SETUP ON ORACLE 10G IAS (10.1.3) oracle E-business R12.1.1

    Hi Experts, Quick one - I have been requested to Integrate the CONTENT SERVER SETUP ON ORACLE 10G IAS (10.1.3) with oracle E-business SUit R12.1.1. Please also let me know do we have to apply any patches on the E-business Suit for Integrating Oracle

  • Lost Phone Numbers after Sync with Mac

    Hi Everyone, I am new to the Blackberry forum and to the Mac.  I love both of them but yesterday I used the new Desktop Manager for the Mac to sync with my Mac and it wiped all my phone numbers on the Blackberry.  I still have the numbers on my hands

  • Is there any way to use a file transfer protocol to upload files to icloud?

    Is there any way to use a file transfer protocol to upload files to icloud?