Masquerading

From MoodleDocs

Running Moodle Behind A Masquerading Firewall

You may be running Moodle behind a Masquerading Firewall (using Network Address Translation or NAT). In this case your internal Moodle server will most likely be assigned a non-routable (private) IP address in one of the following ranges:

  • 10.0.0.0 - 10.255.255.255
  • 172.16.0.0 - 172.31.255.255
  • 192.168.0.0 - 192.168.255.255

Moodle can be set up using the standard instructions but will only be accessible within the local network. To make the Moodle server accessible from outside of the network you will need to address the following points:

  • Ideally provide a domain name for your external network.
  • In your firewall or router set up port forwarding to forward HTTP requests (port 80) to your Moodle server
  • Your moodle config.php will need to be modified so that $CFG->wwwroot is modified according to the IP address of the client.

Modify config.php by adding the following code snippet around your $CFG->wwwroot setting:

    $subnet = '192.168';
    $client_ip = $_SERVER['REMOTE_ADDR'];
    if (strpos($client_ip, $subnet)===0) {
        $CFG->wwwroot = '...internal URL...';
    }
    else {
        $CFG->wwwroot = '...external URL...';
    }
   // $CFG->wwwroot = ....    // comment out the origninal setting

The $subnet variable is set to the most significant values of your internal IP addresses (most likely '192.168.' or '10.'). The 'internal' URL is the appropriate setting for access from the local network. The 'external' URL that for external access.

Limitations

Using this method you will be unable to add full URLs that refer to resources/activites/files etc. within the same Moodle site. That is, for example, making a link in a resource to an image in the course's file area will not work properly if the URL contains the domain part.