Windows 10 Pro 64 and IIS 10.0: Cannot see my website from Outside my network

[baker7]

Good Afternoon:

I have been using Windows 10 Pro 64 bit for about 3-4 months. I have also installed Internet Information Services Manager (IIS) Version 10.0. I will tell you a little story:

I have had a working Linux Server (Debian 5.0 - Lenny) for a LONG while, since 2011 setting up web and shell based services. In July of 2013, the server went down for the last time, and has not been connected to the Internet or the Intranet since. I have renewed BBUS's Domain for 2016, and would like to continue to serve a page to people. This time, would like to run it off of this PC (BRIAN-PC). Why you ask? This is because someone broke into our offices and removed all computers that were in the basement of this location. This really made me MAD, as I had put so much time into this machine, and it actually WORKED well.

Now, I want to move forward and try to serve a page. I am really at a crossroads here, because when I installed IIS, I configured it as I believe it should be, and when the server is ON and running, if I am sitting in front of BRIAN-PC, I can go to https://buddy-baker.us, or https://www.buddy-baker.us I can get the site to pop up, because it seems to resolve to my PC. I have opened ports in testing phases, Port 80, Port 90, and Port 9000. Doing this brings up the site on the internal IP, as long is it is bound to the site.

However, If I go to my roommate's Apartment across the hall, I go to https://buddy-baker.us or https://www.buddy-baker.us, or https://buddy-baker,us or https://www.buddy-baker.us I get nothing but a "Waiting for Response from buddy-baker.us" and then it just goes to an "Oops..." Page.

It seems that when I PING buddy-baker.us I get 4 rounds from 75.133.xxx.15.

So there are other things I have noticed as well.

1. I have opened port 80 for 192.168.0.10 - I also opened port 90 and 9000 - These ports are forwarded to the external IP of buddy-baker.us - They seem to respond OK

2. The "oops Page" is telling me it cannot display the webpage when I do further investigation, it shows a time out

3. Even though I have opened port 80, 90 and port 9000, if I use a port scanning tool, it shows ALL ports closed.

4. for XBOX ONE - One of the ports it needs for operation is port 80 - I KNOW from past experience, that this is because of the use of MS Edge. Since I don't use MS Edge on the xbox, and because you cannot have the same port open for 2 different IP addresses at the same time, I REMOVED port 80 from the XBOX ONE's IP Addresses - It seems that there is a plethora of ports that it uses.

5. I added an INBOUND Rule to ALLOW Ports 80, 90 and 9000 through the Windows Firewall.

6. SSL (https://) is NOT available right now, because it has not been installed

7. I have tools called Remote Access Manager, and File Server Resource Manager - I also have placed the Event Viewer, the Performance Monitor, and the Component Services on the Desktop and pinned IIS Manager to the Taskbar.

8. My Internal ip is 192.168.0.10 for this machine (Running Windows 10 Pro 64 Bit). Charter told me that I could set a port range like:

192.168.0.10: 22 Start Port 9000 End Port (Internel) to 75.133.xxx.xx External - same Range)

9. I have Dynu dns client set up, so that my IP stays the same - However, I cannot see what happens from the OUTSIDE, and I am not sure if I can bypass what is blocking me - All I really want to do is bring my website and blog back very simply and make it work internally and externally. I may be missing something, and I may have to use apache 2.4 instead, but would like to see if I can make IIS 10 work for a small home web and ssh server.

10. I have also tried to figure out how to fix this problem - There is Little to NONE documentation for IIS 10.0, so most of what I have read concerns older versions (7.0, 7.5, 8.0) and these are different in some ways. I have even tried to go to YouTube and while it has the instructions for setting UP IIS, it does not seem to offer any configuration help - and Yes, I have googled my heart out on this,

Maybe Brian can do a video on this, as the documentation is slim to none. I do not know why I cannot access my page from 75.133.xxx.xx., and even though My ISP Says "You have total control of what ports you open, we do NOT block any on our side" (Charter Communications).

I also do not know if I have the wrong config somewhere, or if I bound to too many IP's - I just want to bring back my domain back so I can serve my blog, and have my site respond somehow, and be able to see it from outside.

I have Screenshots of the Router/modem as well, so you can see it.

Thanks,

Brian

[GuiltySpark]

192.168.*.* isn't accessible from internet.
Take a look here https://blogs.iis.net/tomkmvp/how-do-you-access-iis-behind-a-nat-router

[baker7]

GuiltySpark:

Read This article, and it appears I am STILL prevented from accessing my IP from outside the network, even if Firewalls are off, and I am still stumped - was able to setup TightVNC at one point, but even that appears to be blocked.........I am puzzled

Brian

[Compton]

I Think your Isp is blocking your ports

you can test it here
https://www.canyouseeme.org/

[baker7]

(02-07-2016, 09:30 PM)Compton Wrote:  I  Think your Isp is blocking your ports

you can test it here
https://www.canyouseeme.org/

I talked to a friend of mine about this. He stated that I should set it up so that I open the ports I need, and instead of forwarding my ports out to my external address, he says that router can get the packets IN, and once the packets get to my router, the internal address will direct to the proper internal port. so he says I should do this:

192.168.0.10 Start Port 80 END PORT (however many I want) EXTERNAL Ports would be the same, but I would put 0.0.0.0 as the external address. He says my router should be able to take in the traffic, and direct it to any machine I want, if it sees the port open and available.

The problem is that as I stated, I cannot use a port scanner that will give me ACCURATE information about the status of my ports. When I did a NMap Scan, it tells me that 22 and 5900 are open, but when I do a scan using any online scanner, the ports are CLOSED.

Is there a way to bypass my ISP and use a different IP to get around restrictions? I asked Charter Communications about ports, and they say that they do NOT block any of them, but I am stumped..........


Brian

[Compton]

try using a vpn and see if you still get a port close with the online scanner

[kunal]

Hi ,

Below are the results of what i tried to diagnose the issue for your website. I can ping , nslookup shows your website ip i.e. no DNS issue. Tracert does complete despite some RTO in between. so your network is available on net. I looked the port status what you specified, all are closed. Trust me you can't blame your ISP on this most likely they control just port 25. I looked charter communication, a cable company so most likely you have no modem. Just this router. I would suggest reset your firewall in your dlink router. confirmed the ip of your computer again since you have installed IIS in the computer. Opened the ports again and in the same computer. Use the command netstat -a in command prompt , it will show you what are the ports are and their status for the computer. I am quite certain if the ports are open so will be your website. But again meanwhile i will look more into it. But at least perform these fundamentals.

below are the results for your website which i tried to look from my end.


Microsoft Windows [Version 10.0.10586]
© 2015 Microsoft Corporation. All rights reserved.

C:\Users\kunal>nslookup buddy-baker.us
Server: dlinkrouter.local
Address: 192.168.0.1

Non-authoritative answer:
Name: buddy-baker.us
Address: 75.133.182.15


C:\Users\kunal>ping buddy-baker.us

Pinging buddy-baker.us [75.133.182.15] with 32 bytes of data:
Reply from 75.133.182.15: bytes=32 time=278ms TTL=53
Reply from 75.133.182.15: bytes=32 time=286ms TTL=53
Reply from 75.133.182.15: bytes=32 time=271ms TTL=53
Reply from 75.133.182.15: bytes=32 time=288ms TTL=53

Ping statistics for 75.133.182.15:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 271ms, Maximum = 288ms, Average = 280ms

C:\Users\kunal>tracert buddy-baker.us

Tracing route to buddy-baker.us [75.133.182.15]
over a maximum of 30 hops:

1 1 ms 6 ms 2 ms dlinkrouter.local [192.168.0.1]
2 9 ms 20 ms 4 ms 172.16.1.1
3 9 ms 6 ms 20 ms 182.74.246.201
4 164 ms 166 ms 193 ms 182.79.248.234
5 164 ms 159 ms 168 ms 40ge1-3.core1.lon2.he.net [195.66.224.21]
6 262 ms 268 ms 271 ms 100ge1-1.core1.nyc4.he.net [72.52.92.166]
7 278 ms 259 ms 279 ms 100ge15-1.core1.ash1.he.net [184.105.223.165]
8 * * * Request timed out.
9 * * * Request timed out.
10 * * * Request timed out.
11 * * * Request timed out.
12 * * * Request timed out.
13 * * * Request timed out.
14 * * * Request timed out.
15 295 ms 279 ms 282 ms 75-133-182-15.dhcp.oxfr.ma.charter.com [75.133.182.15]

Trace complete.

The

[Compton]

Intersecting I still think ISP blocking ports

my Isp block ports

limits BitTorrent bandwidth

Tier 1 partners might 1 shape

limits bandwidth for accounts with a high traffic volume

limits bandwidth during certain times of the day

prevents seeding

prevents/filters .torrent download

causes unsolvable NAT problem

offers no real flatrate


now my Isp do this because my internet class is home user

what could be happening to baker7 the ISP don,t want you to be running website because
it take up too much bandwidth

now you can bypass that by using a VPN in your router

or use wordpass

[baker7]

Good Morning Everyone:

Well, I spent a good portion of the weekend at a remote location, and was able to figure out that the way I was using to forward ports was WRONG, because what I was doing when I put an IP into the EXTERNAL IP Range, it would ONLY allow that particular PC access to the network. So I removed the external IP address from the forwarding tab, and entered 0.0.0.0 and that seemed to clear up the problem as far as that goes.

Next, at GuiltySpark's and Comton's suggestions, I gave Charter Communications (Now known as Charter Spectrum) a ring, and I asked them if they could open a series of ports for me. A couple of the techs I spoke with were kind of clueless, stating that I could open all the ports I needed for my use on my side. I told them that I opened all those ports, and unfortunately, there was no way for me, or anyone else outside my network to see my website or blog, and that I needed to be able to access my windows machines remotely. (All the tests we're running were apparently, according to what we saw, not getting all the way in to BBUS.

I asked the reps to open a list of ports for specific IP addresses, and then was later informed that they could do this, BUT they asked me what modem and router I had. I informed them I had a Motorola Surfboard SB650. To that, I was told that this modem was several years out of date (support had ended for it in 2014), and that they had reports of it not working well for some clients. They also do not support modem/router combinations any longer.

So, I asked them what they DID support, and was told they had the ARRIS Modem and the Netgear WNDR 3400 and WNDR 4300 - I think I have the 3400) I asked to have my old modem replaced, and I received a package on Tuesday Night. To add insult to injury, while working at my stepmoms place with my brothers, I succeeded in PULLING the muscles on my right side, because I have to PULL up into my brother's Truck - Lucky for me, I brought all of my equipment, because it was SO COLD Saturday night, that I had to stay there, because the cars would not start.

A BONUS was that after messing with Openssh 7.1 and Bitvise SSH Client, I DID successfully get Port 22 OPEN: I was able to use the Bitvise ssh client and ssh to BBUS on port 22, login with my credentials, make a couple of minir adjustments and then close the command prompt. Then, I opened a Remote desktop connection to .10 and was able to login and control my main machine. I then open a Remote Desktop connection to .13, and was working on my Apache server.

A DRAWBACK: While working with .13 one night, at home, I heard .10 power off, then I restarted it - I Heard 5 beeps on startup, then it said "REALTIME_CMOS_BATTERY_FAILURE" Then I had a choice to press F2 to continue or F10 for CMOS setup - so it appears my CMOS Battery is dead - BRIAN-PC would not boot for a while, until this morning. I also took the time to replace my old modem with the new equipment.

Now, If I can just get the Apache 2 configured for phpmyadmin, that would be great

Brian

[GuiltySpark]

Still looks down to me.
https://downforeveryoneorjustme.com/