Networking – How to make a web server accessible from internet

1.- Web server configuration [completed][test-passing]

The web server has the port 80 open in its own firewall.

The web server is already accessible from the LAN: In the URL bar of a browser from another computer connected to the LAN, I typed the local IP of the web server (192.168.0.2), and it loaded the web page content (it was not cached).

2.- Router configuration [test-failing]

2.1.- Router model: D-Link DIR 610+

2.2.1.- Advanced / Virtual Server:

Quote from the device:

The Virtual Server option allows you to define a single public port on
your router for redirection to an internal LAN IP Address and Private
LAN port if required. This feature is useful for hosting online
services such as FTP or Web Servers.

Rule created:

• Enable Rule: Yes
• Name: Web Server
• IP Address: 192.168.0.2
• Public Port: 80
• Private Port: 80
• Protocol: Both (TCP and UDP)
• Schedule: Always
• Inbound Filter: Allow All

2.2.2.- Advanced / Port Forwarding:

Quote from the device:

This option is used to open multiple ports or a range of ports in your
router and redirect data through those ports to a single PC on your
network. This feature allows you to enter ports in the format, Port
Ranges (100-150), Individual Ports (80, 68, 888), or Mixed (1020-5000,
689). This option is only applicable to the INTERNET session.

Rule created:

• Enable Rule: Yes
• Name: Web Server
• IP Address: 192.168.0.2
• Port to Open / TCP: 80
• Port to Open / UDP: 80
• Schedule: Always
• Inbound Filter: Allow All

2.2.3.- Advanced / Application Rules:

Quote from the device:

The Application Rules option is used to open single or multiple ports
in your firewall when the router senses data sent to the Internet on
an outgoing "Trigger" port or port range. Special Application rules
apply to all computers on your internal network.

Rule created:

• Enable Rule: Yes
• Name: Web Server
• Trigger Port: 80 (TCP and UDP)
• Firewall Port: 80 (TCP and UDP)
• Schedule: Always

2.2.4.- Additionally, I made rules with the same configurations but with public ports 8080 and 8888, to later try access to the web page with ports 80, 8080 and 8888.

2.3.- Restarted the router (disconnected power cable for 10 seconds and reconnected).

2.4.- Obtained the public IP with http://www.whatsmyip.org

2.5.- In the URL bar of a browser from another computer and another internet connection, I typed the static public IP of the web server (190.xx.xx.xx), and it didn't load the web page content, I got the error ERR_CONNECTION_REFUSED. Next I disconnected the server from the network and the same error was still showing (ERR_CONNECTION_REFUSED), this means that it's not the server what's blocking the access. If instead I disconnect the router from the internet, it shows ERR_CONNECTION_TIMED_OUT. I did a port scan with a tool from http://www.whatsmyip.org and other sites, and they show the port 80 closed despite of the router's configuration that I made as presented above. Same results with ports 8080 and 8888.

3.- About the static public IP

I have a static public IP, but as long as I have researched, I don't need to configure it anywhere in the web server nor the router, it has just been assigned to me by my ISP.

4.- WAN

• Connection Type : DHCP Client
• Cable Status : Connected
• Network Status : Connected
• IP Address : 192.168.1.53
• Subnet Mask : 255.255.255.0
• Default Gateway : 192.168.1.1
• Primary DNS Server : 200.50.96.90
• Secondary DNS Server : 200.50.96.130

5.- What else

I have spent a lot of time going through the whole menu of the router, reading the manuals, but I have everything default except for the configuration I described above, and nothing appears to be possibly blocking the access. I can browse the internet from any computer connected to the router, included the web server. I can access the web server page from the LAN, yet not from the internet. Why? How to solve this problem?