Can't connect to my public IP from other machine in same local network

Question

I have recently set up port forwarding on my router so that it forwards incoming traffic at port 48888 to my laptop:

I have set up static DCHP for my laptop so that it always has the same local IP, i.e. 192.168.0.35. From now on I'll use 80.222.77.111 to refer to my public IP (though it isn't exactly this), i.e. the router's public IP.

To check that this was working, I started listening to incoming traffic on this laptop with netcat:

nc -kl 48888

(using the nc package on Cygwin). I then started the mobile hotspot on my phone, and connected a second laptop to that; from there, I opened a terminal and used netcat again to connect to the host through the public IP:

nc 80.222.77.111 48888

This connected successfully and I was able to send messages back and forth.

However, when both computers are connected to the same local network (specifically connected to the same router via WiFi), this doesn't work. After starting nc -kl 48888 on the host, running nc 80.222.77.111 48888 on the other machine just hangs for a couple of seconds and then returns, with no output. Upon inspection, the exit code seemed to be 1. Similarly, running the following python script on the client machine

import socket


HOST = "80.222.77.111"
PORT = 48_888

with socket.socket() as s:
    print(f"Trying to connect to {HOST}:{PORT} ...")
    s.connect((HOST, PORT))
    print("Successfully connected")
    while True:
        msg = s.recv(1024)
        if not msg: break
        print("From server:", msg)
        msg = input("Client, enter message: ")
        if not msg: break
        s.send(bytes(msg + "\n", encoding="ASCII"))

results in

Trying to connect to 80.222.77.111:48888 ...
Traceback (most recent call last):
  File "client.py", line 14, in <module>
    s.connect((HOST, PORT))
ConnectionRefusedError: [WinError 10061] No connection could be made because the target machine actively refused it

This is weird, why would I be able to connect from outside but not from inside?

Furthermore, I also tried connecting directly to the local IP from the same network, i.e.

nc 192.168.0.35 48888

This did work.

Answer 1

You are trying to create a loopback connection as follows:

local -> router -> internet > router > local

Most consumer routers only implement request-answer algorithms and are not programmed to handle a case where the answer is actually another request. Meaning that it implements "request-answer" rather than "request-request-answer-answer".

Some routers prevent loopback connections as a security feature. Most consumer-grade routers don't have any prohibition against it, it just doesn't work.

You may login to your router's administration page and look for anything about permitting loopback connections (or similar). If nothing is found, then the router is just not suitable. Flashing a more advanced firmware such as DD-WRT might help (but that's a chancy operation).

Answer 2

It seems like either you have windows defender blocking your request or you may have an anti-virus blocking it. So just for the sake of testing, try disabling it or adding it to the exception list and that should help you confirm what's the problem. Once you know the cause, you will be able to make it work.