Port Forwarding not working in DSL Router

It won't work from inside your LAN. It will only work from the rest of the Internet. Here's why:

  1. You try to reach your public IP address from a LAN machine.

  2. The machine sees that the address is outside the LAN and sends the packet to the router.

  3. The router NATs the destination to the LAN machine, but the source address is unmodified (still the LAN machine that originated the request).

  4. Your server receives the request and sends a response to the source of the connection (still the LAN machine).

  5. The LAN machine receives a response from the server, but it was expecting a response from the router (since it connected to the public IP address, it must get a response from the public IP address, not the server's LAN address). Since the reply has the wrong source address, it is not accepted. Oops.

Port forwarding (rewriting the destination address) only works from the outside to the inside, not from the inside to the inside. For that, you need hairpin NAT which rewrites the destination address in addition to the source.


A lot of routers do not allow connections they had forwarded from the local network to its WAN port to traverse back into the LAN (NAT loopback or hairpin). The WAN IP is then inaccessible from inside and you would have to use different addresses to contact the router or the machines to which ports have been forwarded, in your case 192.168.1.7. You can test the port forward from outside. With a web server, the easiest way to do this would probably be to use a proxy such as http://hidemyass.com.

If you want to access the server through a domain name, you will run into the same problem. The DNS servers will direct you towards the public IP address. By editing the hosts files on local machines, you can have them point to the local IP of the server instead, and you would be able to use the same address everywhere.