ASUSTOR Community Forum

[lem0nad]

Hi all,
Model ASUST AS6602T, last firmware.

Maybe someone can help, because can not get solution for this, or maybe i did smth wrong:
I want to connect to Web Site (web center) through internet. Local connection works perfect.
EZ-Route have forwarded port.
DDNS connection success, but i can not connect, have Err "Multiple routers detected. The router's external IP is different than the NAS's external IP. Please check your network environment first.". I can not have Public IP, because my ISP can not provide (my location Mainland China).
Thought EZ-Connect no problem with ADM Web service connection and FTP....but other i can not connect. Can not see Port 80, 443, even my website port can not see.
Router have forwarded all this ports, UpNp Enabled.
Please have a look in attached screensavers.
At the beginning in EZ-Connecti forwarding port FTP and ADM Web service, today have forwarded also SSH and WEbDav. But i did not do anything...just appear this ports.

[father.mande]

Hi,

Not easy to have a good advice ... without full visibility of your network ...

BUT using a ssh terminal with root/your_admin_password ... you can check somethings
1
compare external IP from DDNS (ADM Web page Manual Connect) to result of :
curl ifconfig.me
command line ...
2
use :
upnpc-shared -l
to get the upnp IGD redirection and look for MAPPING (done automatically in some cases) if existing port is already redirected. It can also show you multiple router if exist. If mapping is used ... test with the external mapping port.
3
have a look to your static forward port in your router

Also ... try using other port than 80 and 443 ... in some rare case, some ISP keep this port for themselves ...

Philippe.

[lem0nad]

I disabledEZ-Route port forwarding, but still can connect by EZ-Connect.

[lem0nad]

Thanks for reply.

Hi,
Not easy to have a good advice ... without full visibility of your network ...

BUT using a ssh terminal with root/your_admin_password ... you can check somethings
1
compare external IP from DDNS (ADM Web page Manual Connect) to result of :
curl ifconfig.me
command line ...

This command show DDNS port, this one "Success", but i can not get connection.

2
use :
upnpc-shared -l
to get the upnp IGD redirection and look for MAPPING (done automatically in some cases) if existing port is already redirected. It can also show you multiple router if exist. If mapping is used ... test with the external mapping port.

This i already know that between me and internet have another router, i can not turn my ISP router to the bridge mode (because connection through PPOE)

3
have a look to your static forward port in your router

Also ... try using other port than 80 and 443 ... in some rare case, some ISP keep this port for themselves ...

Wher to change this port, in Web Center? If i change in web center so Apache stop working. If i forward in EZ-Route, so nothing happen.
Actually i don't need 80 and 443, this is Apache ports, i have setup web site folder by another port, but this port can not see in EZ-Connect, in EZ-Route have, but i can not connect.

BTW in EZ-Xonnect now have forward next port: FTP, WebDAV, SSH, ADM Web Service...before had only FTP and ADM Web Service.

[Nazar78]

You have double NAT, changing the ports will not work either. Need access to your first ISP router to configure as bridge mode (depends on the router) or forward the ports to your second router. If you don't have access to your ISP router then you need to talk to your ISP or change to an ISP that allows home hosting (technically most don't but some gray area).

[lem0nad]

You have double NAT, changing the ports will not work either. Need access to your first ISP router to configure as bridge mode (depends on the router) or forward the ports to your second router. If you don't have access to your ISP router then you need to talk to your ISP or change to an ISP that allows home hosting (technically most don't but some gray area).

Thx, I have read this before. As I have told, I know that I have double NAT, because my ISP have some router between my ISP router.
In this case no solutions? Because my ISP can not provide public IP( at this time as most of ISP). Means NAS have no sense to connect to the Web Host from internet?
EZ-Connect can forward port(UpnP) without EZ-Route (because I have disabled).
But EZ-Connect living his own live, sometimes can forward different services, and I can not control forwarding as in EZ-Route.

BTW I have tride to manually forward ports, enabled UpNp...but still get not get access to Apache. I jave chnage ports from 80/443 to 10800/10433...that's no helped.
Looks like Web Host can not go through EZ-Connect, because even under virtual portal can not open phpmyadmin (have icon on the portal desktop).

[Nazar78]

The NAS is only configuring UPnP on your second router but the first ISP router is still not DNATing the incoming ports to your second router. So no matter which port you set on the UPnP nothing will get through without first setting it up manually on the ISP router.

- Not sure about your ISP router if it has UPnP enabled and if you could connect your NAS directly to it to initiate the UPnP hole punching. Perhaps it would work. And it that works, you can create another subnet using the second 2.5G port of the NAS for your internal access to the second router.

- If your ISP supports IPv6 and router enabled prefix delegation, you can eliminate the port forwarding altogether provided there's no firewall or filtering on the ISP router. The firewall or filtering then could be done on your second router to prevent unauthorized access to the opened internal IPv6 ports.

- Another method I could suggest which is more complicated is that if you have an external cloud hosting, you can setup an auto reversed SSH tunnel from the NAS to the cloud server. Point your DDNS or domain to the cloud server IP running a reverse proxy forwarding it back to the NAS internal IP and port 80/443 or whichever ports you desire. This is known as relay/tunneling similar to EZ-Connect but you have more control over your own cloud hosting as opposed to Asustor's server like using any ports other than the ones predetermined by your ADM account settings.

Else there's no other solution I'm afraid.

[Nazar78]

Additionally here's one cool trick you can use the web hosting on your NAS without ISP access although it's limited because it's using Asustor's server, thus as mentioned in previous post it's better to have it running on your own cloud hosting like AWS or AliCloud for full control.

Enable EZ-Connect, enable Web Center in EZ-Router forwarding list, then with any shell connection, run below:

Code: Select all

curl -s https://YOUR-CLOUD-ID.ezconnect.to/|grep relay_url|sed -r 's/.+"relay_url":"(.+)","cloud_id".+/\1/'|sed -r 's/\\//g'

Copy the URL result above then append www/, open in the browser and you will see your /share/Web/index.php welcome page.

Enable personal website in the Web Center, then create a www folder with an index.html file on any of your home users i.e. /share/home/USERNAME/www/index.html with the content "hello world!" Access it with the URL above appended with www/~USERNAME/ and you'll see "hello world!"

You can use any free hosting redirect or iframe (configure Cross-Origin on your website) or URL shortener service using the URL above and the appended suffixes.

Note you can also append supported ADM apps paths like shell-in-a-box/ to use those apps (EZ-Router forwarded list) but use with caution especially those apps that could easily expose your NAS.

[lem0nad]

Thank you for your suggestions, I'll try
Yeah better way if ISP will give direct connection, I'm still pushing them