No-ip works for non-internal clients, pinging works internally

I'm having a really bizarre problem while using No-IP. I can access the server fine from clients not on the local network and local and remote clients can ping the server just fine. I get the same results using our No-IP name as well as the current IP address directly.

This has completely baffled me - any help would be greatly appreciated.


Solution 1:

You're trying to access a server on your LAN by using a public IP address (or a name that resolves to a public IP address) that's assigned to your LAN's edge firewall. That fact that it's working from outside the firewall, but not inside, makes me think that your firewall's NAT implementation is probably to blame.

When that doesn't work, the usual cause is that the edge firewall doesn't support "hairpin NAT" or "hairpinning". This, basically, means that the edge firewall isn't capable of receiving a request from its LAN port bound for the IP address assigned to the WAN port and "turning it back around" to the LAN. Many NAT devices do support this, but many also don't. What kind of NAT / edge firewall device are you using?

If you determine that your edge firewall doesn't support hairpin NAT a second-best choice is to create a DNS zone on your LAN DNS server corresponding to the public name of the server, but resolving the server to a LAN IP address. Clients on the LAN will resolve the server's public name as a LAN IP address (since they're using the LAN DNS server), but Internet clients (who don't have access to your LAN DNS server or, indeed, even know about it) will continue to resolve the server's public name to the public IP address.