Cannot access Public IP outside LAN

According to your diagram, it appears that both networks are not connected. While each have access to the Internet, there may not be a route in place for packets to go out one gateway and back into the other, assuming that both connections are with the same provider.

Internally, you could connect a switch to both routers and establish one private subnet within your LAN. This should resolve your issue.

Hmmm...If I port forwarded so I can access it via Public IP, why would the networks need to be connected?

Since I'm still learning, how would one make a server public to the world?

Thanks.

So I am assuming that the issue you are having is only with hosts on the same network as the laptop. Can Internet users access the target public IP? If the problem seems to only affect your internal network, I would tend to think its a routing issue where packets leave your Internet connection and your provider (being the same one) is not routing packets into your second Internet connection. Please verify.

I am having this problem with all hosts that are not connected to the Surfboard. I have verified that the ports I needed open on the modem are open. I tried firewall exceptions in place and no firewall at all.

The problem I do not understand is why can't anyone else access it. For instance, I can be at Starbucks connected to their wifi and I should be able to access the page. Obviously, I can't.

The only thing left may be is the ISP. I will verify this once I know.

That's my point. You may not be able to access the public ip from within your second LAN. It could be a routing issue.

Is there another step besides port forwarding that I am missing? How would I enable access to the public IP?

So I went back and re-read your last post. I was under the impression that you could access the target IP from the Internet (at Starbucks), but not able to the internal, non-surfboard network.

So, first of all your Surfboard Gateway needs to be listening on that port. Have you logged into that device and configured port forwarding? If yes, which computer on the internal network are you forwarding to? Is that internal host running an application that is listening on the target port?

No it can't access it from Starbucks. That's what I want it to do.

The surfboard has open ports: 9090, 5222 and 7070.

As in the diagram, PC0 is where the server is located. Therefore, I have it port forwarded at that address, lets say 123.456.789 (I can't remember it right now). On the modem I have opened the three ports 9090, 5222 and 7070.

This is how it is forwarded on the modem (NOTE: The BOLD is what I can input):
Local IP: 123.456.789 ---- Start Port: 9090 ---- End Port: 9090 ---- Protocol: TCP ---- Enabled: checked marked
Local IP: 123.456.789 ---- Start Port: 5222 ---- End Port: 5222 ---- Protocol: TCP ---- Enabled: checked marked
Local IP: 123.456.789 ---- Start Port: 5222 ---- End Port: 5222 ---- Protocol: TCP ---- Enabled: checked marked

Back to the diagram, I can access Public IP 207.62.151.42:9090 from PC0 and PAC1. NOT laptop1 (which my example was I want to connect from Starbucks = anywhere)

Here, I assume if I can access Public IP 207.62.151.42:9090 from laptop1 then I access it from anywhere.

I hope that clarifies things.

Yes, this is a much better explanation of your issue. First, I was trying to establish this assumption...regarding your laptop. If you are unable to access these targets ports while at home, that doesnt mean you cannot do it from anywhere else. The problem may only be on your local wireless network. However, you indicated that you cannot access it from anywhere on the Internet.

In any event, I checked your ports using an online web site that scans for open ports. The three ports you listed above are open. I checked from two different sites.

Here is a screenshot.

You are partly correct. I can connect to it within all devices connected to the surfboard.

I cannot outside of the surfboard. That is what I am trying to figure out. Just like you. I have checked all ports are open. I still cannot access the 207.62.151.42:9090 from Laptop1. Only PC0 and PC1 which is connected to the Surfboard.

Since I feel like I am doing everything right (port forwarding, firewall rules and/or no firewall, ports are open, etc.), is it possible the ISP is blocking access? If it helps, I am on university housing...connected to their internet via cable modem.

I dont think anything is being blocked, otherwise, the port would not appear to be open from the internet.

I'd suggest that you focus on PC0 and take a look at the application that is running these ports. Is there logging that you can enable? If not, no worries... you can also install a packet capturing application such as Wireshark. This will tell you at the very minimum if the packets are or are not reaching this server. If they are, you know that the problem lies with this server. If the packets are reaching it, the problem is somewhere between the router and the server. The packets are reaching your router because the ports are open on the router. You need to focus on what happens to the packets after that.

It's been sometime since I used Wireshark. I've filtered it to ip.src == 207.62.151.42
What I am looking for exactly?

Well, when you start the capture, you should try accessing the target on the open ports via from a device ouside of your network, such as the Internet. Could be a mobile smartphone for example.

Since your router appears to be configured correctly and the ports are reported as open, you should see packets arrive on that host. If wireshark is configured in promiscous mode, you'll see all packets that arrive at that interface regardless if the packets are destined for this target system.

If you see the packets, then you know that traffic is reaching the server.

On PC0 I see packets going to an fro. It gets [SYN] and [SYN, ACK]

I tried Wireshark on laptop1 and it only gets [SYN]. Laptop1 obviously cannot communicate with PC0 (where the server is located). Now, if this is router issue, what might it possibly be?

I'll take a look at the server configs again to see if I missed something.

So I checked the server, everything looks fine....Is there even an possibility that the universitiy's firewall are not allowing me to access 207.62.151.42:9090 on laptop1?

I've set up a DNS host at openfireserver.hopto.org, which is linked to 207.62.151.42. Therefore, if I enter the hopto address it will send me to the admin page. BUT of course it doesn't.

I'm still perplexed as to what settings I did or should do that I am not already going.

.Is there even an possibility that the universitiy's firewall are not allowing me to access 207.62.151.42:9090 on laptop1?

So that information would have been helpful in your design document. Your internet connection(s) are connected to a provider or the university network? It was my impression that you are connected to a provider. If you are connected to a provider, then no, I do not see any reason why your University's network's firewall would be involved.

Now, if you plug in your laptop into the University's network, say a wireless hotspot.. then yes of course that is a possibility.

herefore, if I enter the hopto address it will send me to the admin page. BUT of course it doesn't.

So remember that if you just open a web browser and type http://openfireserver.hopto.org, you are going to hit port 80 on the public side of your router. The online port scanners show that port 80 is closed on your side.