Trying to set up at-home server but not able to set up IP forwarding

Solution 1:

The screen you see is your Embarq 660R (which is a ZyXEL).

If you get the bad gateway error when connecting from the outside, that means that the Embarq is not configured to allow incoming connections (WAN-to-LAN).

What you'd need to do is set up a firewall rule redirecting WAN port 80 to the port 80 of your Vaio on the LAN side.

The issue here is that fiddling with the firewall might expose your machine and allow unauthorized third parties to gain access to it. Unless you know what you're doing, maybe it would be better to require a reconfiguration from CenturyLink, if they're available for such services.

Otherwise, from Advanced Setup (second menu item on the left) you can add a new WAN-to-LAN rule for HTTP service (or use Custom TCP Service, then enter a name of your choice, TCP (should be the default or even unchangeable), inbound port 80, and select ALLOW.

The packets are now allowed to enter your home and go nowhere. To make them go where you need to, you also have to add a NAT rule: inbound port 80, outbound host (the IP of your Vaio), outbound port 80, from the same firewall advanced setup menu.

Be careful to choose "WAN to LAN" since the "LAN to LAN" option should be the one that you use to access the configuration. If you mess with that, you're in trouble: see this post for details.

Also, check that the subnet of Embarq and your "internal" router is the same. If it is not, say if the inbound port of the Embarq has 192.168.2.1 and the router assigns your Vaio 192.168.4.20, you will have to input a NAT rule on the Embarq towards the "WAN" address of the internal router, and a NAT rule on the internal router to have your Vaio receive the connection:

Vaio (192.168.4.20) <--- (192.168.4.1) Router (192.168.2.2) <--- Embarq (192.168.2.1)

The Embarq must NAT its EXTERNAL (WAN) port 80 to LAN port 80 of 192.168.2.2 (router)
192.168.2.2 is what the router calls its WAN port, and it too must redirect that
connection towards its LAN client Vaio. Hence, two rules.

(You can use a different number than 80 for the router external and Embarq internal
 ports, so that: Internet (80) --> Embarq (8000) ---> 8000 (Router) --> 80 (Vaio);
 this has the advantage of not "risking" port 80 on the router, in case it is used
 for configuration).

At this point your Vaio should be reachable from the Internet. You can set up a dynamic DNS name using services like DynDNS or MyIP. Your computer is now potentially vulnerable to HTTP exploits, so have a care when configuring your Web application(s).

If I remember correctly, the ZyXEL should have two different "Save" options - one is "Apply Rule" and another is "Save Rule". My advice would be to note down what you do and use Apply, which - again if I remember right - does not save permanently changes. If things go awry, just power cycle the Embarq and it'll be as if nothing had happened. Once you're sure that things are working, repeat the configuration and this time use "Save".

If I remember incorrectly (as I often do), check out the Configuration Backup and Restore functions, so that you'll be able to undo any modifications. The same goes for the internal router, of course.

Testing

To check things out you can use an online service. The last hop ought to be your modem. You can also try and see whether there's network activity on the modem when you try to connect from the outside, and nothing else is running. Then, a packet from the outside on port 82 (which is not NATted) should elicit a blink from the modem and nothing from the router; a connection to port 81 should elicit a blink from the LEDs of both devices.

Finally, verify that the Vaio is not firewalled and inbound connections to port 81 are indeed allowed (this can probably be done if you have either hairpinning NAT on the modem/router, or, much better, another device that can be connected to the router together with the Vaio).

Solution 2:

Looks like you are hitting the Web management page of your ISP-supplied modem/router (does it say ZyXEL on it?).

When you are trying to access your web server by the external IP address, are you doing it from inside or outside of the LAN?

If you're doing it from inside then your, or your ISP's, router may not know how to translate/route your external IP address back into your LAN (it's hairpin routing, which many home-grade NAT routers don't support). Instead it redirects you to port 80 on the ZyXEL, which lets you right in (without a password) probably because you are hitting it from what it considers its LAN-side, which your ISP has left enabled for some reason. :)

Things to try:

  1. Try testing it from outside your LAN/house.
  2. Try using a different port (say 8888) to set it all up (forwards, and web server) and see if you can get that working. If you can, then you know it's the web management using port 80 that's your problem spot.