Port Forwarding Netgear FVS318



Zach929rr
Tue Aug 11th, 2009, 09:45 AM
I have followed everything google has pulled up, but I'm still having trouble port forwarding HTTP on the FVS318 to the single computer attached to it that is running apache.

Essentially I need a party to be able to copy/pasta the router's ip address in IE/FF and have it hit the web server on this machine.

Halp?

Ricky
Tue Aug 11th, 2009, 09:47 AM
I used to have that router. It's pretty straightforward. But, since you're running apache, it depends on its configuration if it will listen correctly for connections.

All you need is port 80 unless you're doing something securely. Then it's also 443.

Zach929rr
Tue Aug 11th, 2009, 09:48 AM
Not running HTTPS, just HTTP. Could you point me in the right direction for the apache config? Loopback is working fine... just can't bust through hitting the router itself.

Would the always-established VPN connection on the router affect this at all?

I have set the router up to allow 80 in/out to the computer, which seems to be its pseudo port forward.

Ricky
Tue Aug 11th, 2009, 09:53 AM
First, what's the IP address of the machine, and what's the internal IP of the router?

Just make sure in your apache config you have the Listen directive like this:
Listen 80
and not like this:
Listen 12.34.56.78:80

That way it listens on ALL IP addresses assigned to all interfaces.

Are you using any virtual host configuration, or is it using just a single site within the default config?
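Added example (not part of the thread, and not code from any poster): a Python check of the Listen point in the post above. It parses the Listen directives in an Apache config and reports whether a router rule forwarding to a given LAN address and port would find a listener. The function names and sample configs are constructed for illustration; 192.168.1.100 is the machine address given later in the thread, and treating a wildcard bind as same-address-family only is a simplifying assumption.

```python
import ipaddress
import re

# "Listen [addr:]port [protocol]"; addr is IPv4 or a bracketed IPv6 literal.
LISTEN_RE = re.compile(
    r"^\s*Listen\s+(?:(\[[0-9A-Fa-f:.]+\]|[0-9.]+):)?(\d+)(?:\s+\S+)?\s*$",
    re.IGNORECASE,
)

def parse_listen(config_text):
    """Return [(address_or_None, port), ...] for every Listen directive."""
    binds = []
    for line in config_text.splitlines():
        if line.lstrip().startswith("#"):   # Apache comments are whole lines
            continue
        m = LISTEN_RE.match(line)
        if m:
            addr = m.group(1).strip("[]") if m.group(1) else None
            binds.append((addr, int(m.group(2))))
    return binds

def bind_accepts(bind_addr, target_ip):
    """True if a socket bound to bind_addr receives traffic sent to target_ip."""
    if bind_addr is None:                   # "Listen 80": all addresses
        return True
    bound = ipaddress.ip_address(bind_addr)
    target = ipaddress.ip_address(target_ip)
    if bound.is_unspecified:                # 0.0.0.0 or ::, same family only
        return bound.version == target.version
    return bound == target

def forward_reaches_apache(config_text, lan_ip, port):
    """Would a router rule forwarding to lan_ip:port find a listener?"""
    return any(p == port and bind_accepts(a, lan_ip)
               for a, p in parse_listen(config_text))

# Constructed sample configs, using the addresses quoted in the thread.
WILDCARD = "# constructed sample\nListen 80\n"
PINNED = "Listen 12.34.56.78:80\nListen 127.0.0.1:8080\n"

if __name__ == "__main__":
    for name, cfg in (("wildcard", WILDCARD), ("pinned", PINNED)):
        print(name, forward_reaches_apache(cfg, "192.168.1.100", 80))
```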

Zach929rr
Tue Aug 11th, 2009, 09:57 AM
Machine - 192.168.1.100 Router - 192.168.1.1

Listen is set to 80, non ip-specific.

Not running any virtual hosts, just the single site with the default config.

The router is VPN'd to another router a few states away for work purposes... I have the feeling I should be targeting the other router and forwarding 80 on it to this machine's remote LAN IP. But I'm not sure whether the VPN connection would affect what I'm trying to accomplish on my local side or not.

Ricky
Tue Aug 11th, 2009, 10:02 AM
OH wait... ok, so you're saying that you have the fvs318 VPN'd to another fvs318 (or other router) via the software inside the fvs318? As in, there's no other software controlling that connection?

If that's the case, and things are set up right, both networks need to be on different subnets. For example

Network1:
192.168.1.x
255.255.255.0 netmask

Network2:
192.168.2.x
255.255.255.0 netmask

When you have a VPN set up within the fvs318, it will auto route packets from one network to another. So if someone on the remote network is 192.168.2.101, and they try to go to 192.168.1.100, it should auto route that traffic. Port forwarding is only for forwarding through NAT via the public IP to the private IP. VPN traffic is all technically private.

Zach929rr
Tue Aug 11th, 2009, 10:21 AM
You are correct. The other router is a FVS338.

So if router A is always-on VPN'd to router B, and someone tries to connect to Router A via WAN (not VPN), what happens with those packets? I'm just confused as to whether the VPN connection is affecting WAN activities on router A (the original router in question), and moreover why I can't get this business to work.

Ricky
Tue Aug 11th, 2009, 10:33 AM
ok, think about traffic flow.

My IP is 192.168.1.2, my router is 1.1. When I request something within my subnet, it just goes directly to that address. If it's outside of the subnet, it goes to the gateway (1.1). If I'm trying to access 192.168.2.2 (via the 192.168.2.1 router), my traffic takes this route:

1: 192.168.1.1
2: VPN HOPS
3: 192.168.2.1
4: 192.168.2.2

If I access the WAN IP of the remote router, it's going to take the internet route, so, more like this:

1: 192.168.1.1
2: multiple internet hops
3: 192.168.2.1
4: 192.168.2.2 (via a port forward)

Really, it's the exact same route whether or not you're using VPN or NAT with port forwarding. Just that one uses the VPN tunnel (hiding hops from 1.1 to 2.1), and one uses NAT and port forwarding.

But most importantly, if the fvs318 is 192.168.1.1, what's the internal address of the fvs338?

Zach929rr
Tue Aug 11th, 2009, 10:48 AM
First, thanks for helping me out with this.

The 338 runs on 192.168.3.xxx. The 318 runs on 192.168.1.xxx. But I think this is beside the point. I'm hung up on why I can't get port 80 through the 318 to the work computer I'm on now. I have created rules allowing port 80 both in/out to this machine. There are no per-se port forwarding options on this router, only rules and services from what I have gathered.

The only reason I brought up the VPN is because I was concerned about it affecting HTTP from coming through the 318. If that's the case, then it made sense to me to port forward the remote router (338) HTTP to my remote IP (which is the same as the local - 192.168.1.100) and just funnel everything through the VPN.

Am I off base here?

Ricky
Tue Aug 11th, 2009, 10:59 AM
OK, first, you are on the 1.x subnet, which means that you cannot use the fvs318 public IP to try to get the port forwarding to work. 99% of routers employing NAT won't allow this type of connection. You need to use something else to test the connection. Like, find a web tool that searches for open and listening ports, that way it's a connection that is truly outside of your network.

Anyone on the fvs338 network should be able to access the web server directly via the 192.168.1.100 IP. There shouldn't be any issue with this. The only thing you might notice is that the VPN connection could potentially be slower than a port forwarded connection due to encryption/decryption of ipsec VPN packets. But it's something you probably wouldn't notice with a naked eye unless you were running a LOT of traffic.

Zach929rr
Tue Aug 11th, 2009, 11:14 AM
Got it. The kicker is that the data needs to be accessed by someone that is outside and independent of our network. Online port scanner indicates the 318 isn't listening on 80.

Back to the drawing board I suppose...

Ricky
Tue Aug 11th, 2009, 11:30 AM
Yes, exactly. PM me the IP if you want me to check it out for you.

It's been awhile since I used the 318, but you should check the rules in the firewall and make sure that it allows all traffic from all sources to that specific destination.