- I have a (wireless) router set up in "gateway mode." Hosts on the LAN are dynamically assigned 192.168.1.x addreses, and the router itself is
- When I interface with the router (via web interface) to check for its WAN IP assignment, I get to my astonishment the following:
IP Address: 10.202.46.2 Subnet Mask: 255.255.255.0 Default Gateway: 10.202.46.1 DNS 1: 10.202.46.1
Of course, I am astonished because 10.x.x.x. are also designated for private LAN and not Internet IP addresses, right?
- I have access to a host "on the Internet" (169.237.x.x) through a remote desktop connection (which can be made!) and so can follow all sorts of TCP activity (ftp, http) from that host while at host 192.168.1.3. This remote host is running FileZilla ftp server and I can monitor attempts to connect and IP addresses. When I attempt to use FireFTP (an "extension" creating an ftp client within the FireFox http client), the FileZilla server monitor on the remote host reports that my IP address is
That means that the ISP must be "onion"ing its network: that is, providing service as a layer or shell of its own private network, and running a layer within a layer, with a complex network address translation system. Is that possible??
At any rate, I am not concerned about how they configure their networks. I am ONLY concerned that they are or might be firewalling inbound port 80 service, or for that matter, any service.
QUESTION: What is going on here? I have additional information below which may be helpful.
- When I attempt to connect to the FileZilla server on the remote host through the FireFTP client, I can login, but I cannot start a file transfer. I always get a
error.
- In attempting to monitor traffic through various hosts, I have been trying to enable logging or other kinds of monitors.
(a) the router has its own logging feature which I have enabled, but it only shows "outgoing" traffic to various unrecognizable IP addresses as destinations and all the hosts 192.168.x.x. on the LAN as sources and the ports are usually "www" (assuming port 80), "ftp" (assuming port 21) and strangely, port 500 (is this a known security exploit?)
(b) I am looking for monitoring software to use on the 192.168.1.3 host running IIS web server (on a Vista Premium windows environment), which I also want to use for ftp for large file transfers. I will probably install Wireshark, which is probably overkill for the monitoring I need.
QUESTION: are there other ways to monitor my attempts to request http service from the remote host...to see if it is getting to the target host, or at least to the router? How does one enable logging on IIS? It's not obvious, and I probably should be using Apache anyway.