I have an RV042 with the latest firmware upgrade. It is connected to a DSL modem which is running in Bridge mode, the 042 does PPPoE for me, and all that works fine. Firewall is ON, and the default rules are in place (read below for more on this.)
I have created a dozen or so forwarding rules to machines in the LAN for different services, and all those work fine as well.
BUT, I cannot get an external HTTP request on port 80 to route to a machine on the LAN. Basically, I want http://my.public.address to display a web page from a machine inside the LAN.
Currently, that web server is sitting at local address 10.0.1.36, and I have tried two ways to make this work: First, I tried Port Forwarding for HTTP port 80 to that IP address. It did not work. Then I deleted that rule, and created a firewall rule that said: Allow source network HTTP  from the WAN1 interface (where my DSL modem is) source is Any to route to 10.0.1.36 ~ 10.0.1.36 Always. This does not work either.
What am I missing?
Other info that might be helpful: 1). I have DDNS on, and it updates through dyndns.org. It works fine. 2). Remote management is ON but set to a port in the high 8000's. That works just fine if I go to my.public.address:8***. I can control the modem just fine. 3). I have another web server on another LAN machine listening at port 9000, and that is visible at http://my.public.address:9000 just fine.
So, what silly, stupid thing did I overlook here that prevents the default port 80 http requests from getting to the proper place? Driving me silly.
I thought about that, but not really sure how to test it. But it does seem to make sense. However, I changed the Apachee server to listen to port 8001, and changed the rules to point to 8001, and it still did not work to that system.
I will check out the port 80 anyway, but it does not explain why I cannot get there on other ports.
Now, to complicate matters more, the machine in question is actually a VMware virtual machine on another system, and the VMWare machine has it's own address from DHCP given by the 042. All other services can be seen across the firewall to and from the VMWare machine, and the firewall can ping the IP address of the virtual server. I can also see the web server everywhere inside the LAN.
Can you access the apache server via it's local IP address?
If not, then it's not working and this may be your issue, regardless of the port you're using.
I know it's a long shot, but you do know the explicit form for including a port in a url?
I mention this because various browsers are rather stinky about it.
Next, the best way to test if your ISP is blocking port 80, is to try to open your WAN IP from a browser on a machine logged into a dialup internet account while physically watching the router. If the WAN light doesn't blink when you try to load the page, then it's blocked.
Of course a sniffer is much better than watching the lights blink, but the test procedure is the same. You can also look at the router's logs to see if there's any evidence of the attempt.
If you have doubts about something capable of responding to port 80 inquiries, just enable the remote Admin feature of the router on port 80 temporarily. These are very reliable, and will respond (with a login prompt) if the packet makes it.
Another way to generate the request (without a dialup account) is to visit www.grc.com and proceed to the ShieldsUP page. You can then specify the test of port 80 (or any you wish) and get a report of the results.
I do believe I said that everywhere on the LAN can see the Apache server, no matter what port I put it on. Yes, it is running.
AT&T does indeed block port 80, so I moved this to 8001 and 85, and tried again. Still no luck.
And yes, I do not know how to include the port in the address, that is how I was testing it on other machines in the LAN, but never hurts to ask! :-) I did indicate that in older messages btw.
I did a Shileds test, that is how I confirmed the blocking of port 80. Good suggestion, but I already tried it.
OK, here is another way to think about this problem:
Inside the LAN, the address 10.0.1.36:8001 is visible to all machines. On the WAN side, it is not at http://my.external.address:8001. I have tried a forwarding rule for that port, and a Firewall rule (separately) and neither worked.
Inside the LAN 10.0.1.50:9000 is visible to all machines, it is also visible outside on the WAN (http://my.external.address:9000) and all it took was a port forwarding rule to make that work.
So why should one web server go through the gateway just fine, and the other does not. I would assume with the proper hole in the firewall or a forwarding rule, anything visible inside the LAN should be capable of being visible outside on the WAN. Is that a bad assumption?
And just to be sure it was not my DSL modem, I put my DSL modem in bridge mode and now have the RV042 doing the PPPoE, and it made no difference.
I seem to be trying your patience here, and I don't mean to.
You've repeatedly said that my questions are redundant and that you've pre-answered them in your posts. I spent a considerable amount of time trying to understand your posts before responding. I am truly sorry, but it seems the language you've been using isn't leaving me with the certainty we both need, hence my annoying questions.
Please bear with me.
I understand that the Apache server with the problem is running in the VMware machine, as you said. If you've got other servers to pass the firewall using these forwarding "rules" you spoke of, then duplicating that method is the way to go for the problem machine as well. Please remove the extraneous attempts and stick with the technique proven via the working instance.
It sounds to me like we should look more closely at the IP settings in the VMware network adapter. In particular, what is the Gateway IP it's using, and what does the routing table look like within that environment?
I see that you're sanitizing the IP / domain details in your posts. If you look at these settings and can't see anything wrong with them, perhaps you'd be more comfortable PMing them to me?
Or maybe you'd rather have someone else help you?
I don't want to waste your time or torture you any more than is absolutely necessary.
No, not at all, the router was trying my patience, because this all should have worked! :-) Sorry about that, did not mean to imply I was bothered or annoyed. On the contrary, I was happy for the help and discussion...
So, I DID get it running after all, and the rules were find after all, thanks for all the help, it made me sure that I was setting it up correctly.
I took your suggestion and checked out the VMWare setting. They were all OK, and since I could see the browser locally, I could not understand why it would not get through the firewall. but that got me thinking, what about the Linux system...
BUT, I searched the Unbutu forums for some info, and someone there said to check out the DNS settings on the Linux machine. Oh really? How could that change anything.
Well, sure enough, the DNS settings on the Linux machine were pointed to 192.168.1.1, for what reason I have no clue. Since I have never tried to go OUT from the Linux machine, it was only a server, I never saw if the network was fully functional. After all, I could see the server from other machines, it must be running.
But, and I am not fully sure why that if the DNS setting are wrong on the Linux machine, outgoing connections, that is, connections that go across the internet from the webserver, do not seem to work. Now just why DNS is needed to return a web page I do not know, but once I put real DNS values on the Linux machine, everything started to work. Go figure. Seems the RV042 was working, but Ubuntu was not.
Thanks 50BMG for your help, and again, my apologies if my frustration with the problem was taken out on you. It was certainly not my intention.
I am not certain either why the wrong DNS settings would cause the symptoms you observed. It is curious. I would consider this a potential bug until explained otherwise. It does make some sense that a problem in the "parent" environment would mask the real issue, even with seemingly correct settings the the "child" (VMware) environment.
I did want to respond to your reasoning that the server could be seen locally (on the same LAN) but would not forward through the firewall even though the firewall was set correctly.
This is the precise symptom one would expect to see with a Gateway IP not set (or faulty). Essentially, the server would not have any idea where to send responses to IPs not on the local LAN. However, locally all access would be fine.
That you ended up with a solution is all that matters now.