Excuse me if my question is too simple. Recently I installed lighttpd (optware) on Tomato USB. It works on LAN - index.php is accessible on 192.168.1.1 (on port 80 as set in .conf, with the router's web gui port-shifted a bit). However, the web server is still not seen via my static WAN IP (which responds fairly well to pings with ttl=59). I've tried to forward (TCP/Both) port 80 on 192.168.1.2 (and 192.168.1.1), but it doesn't seem to change anything. Please, could you tell what did I miss (or misunderstand)?
Date: 31 Oct 2010 01:09
Number of posts: 7
RSS: New posts
Do you have "Remote Access" under the Administration | Admin Access enabled (or does moving the Admin port elsewhere also effect the forwarding of the remote access port too?)
well, setting remote access to port 80 brings router's web-gui admin pages (on "http://<my-static-WAN-IP>/" open via another ISP), while disabling or changing port for admin access (say, 85) doesn't let web-server index page appear instead. Just the same old "Network Timeout".
So, admin web server works remotely, with lighttpd still seen only on LAN devices. I'm at my wits' end.. )
There's one Russian instruction for lighttpd on dd-wrt, that says:
"To access web-server from the outside (world) add this line to firewall:
/usr/sbin/iptables -I INPUT 1 -p tcp —dport 80 -j logaccept"
This syntax doesn't work for me on Tomato, probably because of "logaccept". However, should we add anything manually to iptables to make optware web-server on the router itself work as expected?
1. If you want the lighttpd to be accessible on port 80, change the port for the internal web server from 80 to something else. Otherwise, change the port in the rules below from 80 to whatever you want to use for lighttpd.
2. Add the following to the firewall script:
iptables -t nat -A WANPREROUTING -p tcp --dport 80 -j ACCEPT iptables -t filter -A INPUT -p tcp --dport 80 -j ACCEPT
Note: for builds 51 and older, replace the 1st rule with:
iptables -t nat -A PREROUTING -p tcp -d `nvram get wan_ipaddr` --dport 80 -j ACCEPT
P.S. The 1st rule may not be needed at all - try with only the 2nd one first, and if that's not enough, then try adding the 1st rule as well.
Tested. Works fine (Tomato USB build 52 on DIR-320/ASUS WL500gp v2). Thank you for answering these simple questions of ours. For your great team of supporters - it would be also nice to see these commands documented in some sort of tutorial on "Lighttpd on Tomato USB", maybe as a part of "Optware Tutorial".
I am having the same problem, however, the solution posted here isn't working for me. When I enable Remote admin access I can access Tomato's web-gui from outside my lan.
I have lighttpd installed and running on port 8080 but adding that port to the iptables doesn't solve anything. Anyone got any suggestions what to do?
I am running build 48, might that be a problem? I rather not upgrade as I had some WLAN issues with the more recent builds.
Thanks for any help!