Thank you! I received several answers, mostly in private. I was able to
solve the issue, but it had nothing to do with the OpenBSD machine. Some
brief comments:
1) About DMZ (Demilitarised Zone), I tried configuring the router with and
without putting my OpenBSD laptop in DMZ (unfortunately it didn't change
the results).
2) I'm including PF config here - no change from defaults. I'm assuming for
now I shouldn't bother with PF config in this context, but please let me
know if I'm wrong.
3) What I did was to reset the cheap modem/router to factory settings
(because at a certain point the whole thing was a bit of a chaotic tweaked
mess!), put it in bridge mode, and disabled DHCP. I then connected the
cheap modem to the TP-Link WAN input, and configured PPPoE using the same
config that was being used in the cheap modem/router. It worked like a
charm! :-)
Thanks for the tips anyway!
On Fri, Jan 19, 2018 at 2:29 PM, Oliver Marugg <quand...@gmail.com> wrote:
> hi
>
> check: which device does nat for you. On that device configure
> portforwarding from external to internal, eg external ip:port to your
> internal host:port. test it from outside.
>
> ip forwarding on your OpenBSD laptop isnt necessary here, your laptop
> doesnt act as a router in your homesetup.
>
> -om
>
>
>
> On 19 Jan 2018, at 15:55, Michel von Behr wrote:
>
> Hi - rookie question: I have ADSL internet at home, distributed to local
>> hosts via a cheap modem/router provided by the ISP. And connected as one
>> of
>> the network nodes is an old laptop running OpenBSD. I want to use that
>> laptop as a webserver, ftp server, etc. I can connect to the laptop
>> internally, from within the local network (192.168.15.11) via http, ssh,
>> ftp, etc, but I can't see it from external hosts. I already tried
>> different
>> configurations in the router/modem related to port forwarding, NAT, but
>> without success, so I'm starting to think that it might be something I'm
>> missing on OpenBSD network config (PF maybe?).
>>
>> I tried enabling ip forwarding in sysctl but I still can't see it from
>> outside hosts.
>>
>> Specifically, my question would be this: if I can see my laptop from
>> within
>> the local network, would that be enough to guarantee that I should be able
>> to detect it externally? If not, what configuration should I be looking to
>> adjust?
>>
>> httpd.conf is accepting connections from any IP address, as far as I
>> understand this:
>>
>> # $OpenBSD: httpd.conf,v 1.17 2017/04/16 08:50:49 ajacoutot Exp $
>>
>> #
>> # Macros
>> #
>> ext_addr="*"
>>
>> #
>> # Global Options
>> #
>> # prefork 3
>>
>>
>> #
>> # Servers
>> #
>>
>> # A minimal default server
>> server "default" {
>> listen on $ext_addr port 80
>> listen on $ext_addr port 8080
>> listen on $ext_addr port 50080
>> root "/htdocs/"
>> directory {
>> no index
>> }
>>
>> location "*.php" {
>> fastcgi socket "/run/php-fpm.sock"
>> }
>> }
>>
>> As for ssh_config the only change I made to the default config file was to
>> include port 50022 (trying to avoid any blocking to port 22 that my ISP
>> might be enforcing).
>>
>> Any pointing to the right direction would be appreciated...
>>
>> Kind regards,
>>
>> Michel
>>
>
