Netgate pfSense port 80 and 443 forward - port

I have a Netgate pfSense firewall in PPPoE mode to my ISP. There is a DHCP MikroTik router behind the firewall and I want to port forward the ports 80 and 443 to an Ubuntu VM web server.
I forwarded these ports from my firewall to my MikroTik router, and from my MikroTik router to my VM IP address.
I can see the traffic when I go to https://my_public_ip but I get redirected to port 4433, which is the interface of my firewall.
The odd thing is that there are other ports forwarded with the exact same configuration and they work. For example, I forwarded the port 22 for FTP and it works like a charm.
Why am I not able to visit my web server, given the fact that it is configured correctly? Or is it not?
If you need further explanation or configuration, please let me know.

I had to disable the webGUI Redirect on my pfSense firewall.

Related

Raspberry Pi with nginx in docker connected to a fritz.box is not available from the internet

I am trying to implement a small webserver on a raspberry pi which is connected to my fritz.box.
I already setup docker on my raspberry pi with nginx and if I call the internal ip of my raspberry pi with the port 8080 I can receive my "Hello-World" php site.
So far so good...
Now I installed the nginx proxy manager and this is reachable on port 80. So If I just call my internal ip of my raspberry pi I see a page of the nginx proxy manager.
So this seems to be working too.
Now I want that this is also accessible from external requests. I created a domain with no-ip.com and inserted the credentials in the backend of my fritz.box under dyndns. Also I created the port approval for my raspberry pi for the port 80 and 443.
So I thought if I did it like this and call my no-ip.com domain it will be directed to my fritz.box port 80 which is directing to the nginx proxy manager site.
But I only receive a Connection Timeout when calling the site...
Did I miss something or did I do something wrong?
Update:
I realized that my fritz.box opened the ports 80 and 443 for IPv6, and for IPv4 it was 1155 and 1157.
So if I run my no-ip.com domain with port 1155 I can reach the nginx proxy manager.
I tried to implement the port 80 redirect at no-ip.com like #VonC mentioned. But I only can create on host and if I create only the port 80 redirect then the domain leads me to a 404 page which I don't know.
Check first if your ISP or router would not block port 80 ingress.
After all, the no-ip.com documentation itself does mention:
Port 80 is the default port for HTTP (Hyper Text Transfer Protocol). Most servers and system across the globe use Port 80.
It is very common for Internet Service Providers (ISP) to block all data to this port.
You can resolve this by redirecting traffic to a different port using our Port 80 Redirect service.

How can I access my local development server over the internet?

I have Wamp 3.1.7 running on a Windows 10 machine. The goal is to have the projects on this server accessible via the internet.
The server is available and working as expected over LAN when accessed with the LAN IP, e.g.
http://10.0.0.3/.
The server runs behind my router, which has its web interface running on port 80, so when I access my public IP, traffic on port 80 goes to the router login page.
Steps taken to try and solve the issue:
Change the port my server is listening to from 80 to 8080. (This is working, both locally and over LAN, accessed with http://10.0.0.3:8080)
Add inbound rules on Windows Firewall for port 8080, set to allow all.
Add port forwarding on the router settings (forward incoming traffic on port 8080 to local IP 10.0.0.3:8080 as per https://portforward.com/d-link/dsl-g2562dg/)
Using PFPortChecker, it says that port 8080 on public_ip is open and able to send data.
I remain unable to access my server. When I go to public_ip:8080, I get ERR_CONNECTION_TIMED_OUT.
As stated above, going to public_ip just displays the router login page.
So as far as I can tell: port 8080 is open, my server is accessible over LAN on port 8080.
What am I missing? Where else could my traffic be blocked?
Stupid mistake on my side.
Answer found here: Public IP Web Page "Connection Timed Out" When Connected To
The issue was that you cannot access the server with the public_ip if connected to the LAN the server is running on.

Docker container redirecting

Hi, I have a URL called:
https://wona.logs.co.za
And I need it to redirect to the specific docker container at port 3000
(http://156.43.123.226:3000)
However, when I try to link https://wona.logs.co.za to 156.43.123.226:3000 I cannot enter a port number in the redirection to specify my docker container.
Multiple things that do not fit.
You try to redirect https traffic to an http endpoint. That won't work.
You are trying to directly redirect to another port (from 443 to 3000). That won't work either.
Solution
Create a proxy container. e.g. nginx that serves port 80 / 443 and redirects traffic to your application on port 3000. I recommend that you do not directly expose your application - only via the proxy.
Once you have a proxy container that listens to the same ports you can easily use the redirect as you described.
The question lacks the current setup of docker on the mentioned server. From what I understood, you already have docker running with an orchestrator and a proxy server for the main domain, and now you want to put up a subdomain which forwards traffic to one specific container.
For this, you need to spin up an image of your application which listens on port 3000, and add an entry in the proxy server to forward traffic to your new container. Handle the SSL handshaking at proxy level.
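A minimal nginx server block for the proxy both answers describe, as an added example that is not part of the original answers. It assumes the proxy runs on the Docker host and that the application container is published on loopback only; the certificate paths are placeholders.

```nginx
# Added example. Assumption: the app container is published on loopback only,
# e.g. `docker run -p 127.0.0.1:3000:3000 ...`, so port 3000 is never
# reachable from outside and all traffic has to pass through the proxy.

# Plain HTTP: send every request to the HTTPS listener.
server {
    listen 80;
    server_name wona.logs.co.za;
    return 301 https://$host$request_uri;
}

# HTTPS: the TLS handshake ends here; the hop to the container is plain HTTP
# over the loopback interface.
server {
    listen 443 ssl;
    server_name wona.logs.co.za;

    # Placeholder paths, replace with the real certificate and key.
    ssl_certificate     /etc/nginx/tls/PLACEHOLDER-fullchain.pem;
    ssl_certificate_key /etc/nginx/tls/PLACEHOLDER-privkey.pem;

    location / {
        proxy_pass http://127.0.0.1:3000;
        # Pass the original host, client address and scheme to the application.
        proxy_set_header Host              $host;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}
```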

Docker container published via port forward can't connect to its own published port

I have a docker container with an apache server on port 80. Port 8000 of the docker host is being forwarded to 80 in the container. Our application needs to connect to itself to use a web service. This connection URL is determined at runtime based on the URL the user is using to access the application. However, when it tries to connect to the host's IP address on port 8000, the connection fails. Debugging with telnet and tracepath indicates a routing error. Any hints?
The likely root cause here is that you're listening on the wrong interface in your container.
If you bind localhost:80 then you cannot access that using "publish". You need to bind 0.0.0.0:80 (or *:80 or whatever your config supports) and then it'll work.
Fixed. Turns out the issue was that there was no firewall rule on the host allowing access to the published port from the inside network.

Port 8082 not available

I installed a Jenkins server on port 8080.
Then I installed GitBlit, which usually takes port 8080 too, so I changed it to port 8082.
On the machine I can call localhost:8082, but from remote 192.168.178.3:8082 is not available.
Jenkins response works on 192.168.178.3:8080
I opened the port on the hardware firewall. Still no response.
The last thing I could imagine is the Windows firewall, but even after opening the port for TCP for in and out it's not working.
Or where do you think the problem is?
If you are using Gitblit GO, the default config for Gitblit GO will bind to localhost and will be unreachable from another machine. Check out server.httpBindInterface and server.httpsBindInterface.
Perhaps you need to do any port forwarding on your hardware firewall?
If you suspect Windows, you can add your program/service to the exception list in your Windows Firewall settings. You can do this by going to:
START->Control Panel->Windows Firewall->Windows Firewall with Advanced Security
and modify Inbound and Outbound rules.
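The Gitblit answer above and the earlier Docker answer about binding `localhost:80` describe the same failure: a service bound to loopback cannot be reached through a port forward or from another machine. The following added example (not code from any of the posts) reads `netstat -an` or `ss -ltn` output and reports the scope of each listener; the sample rows are constructed to mirror the ports mentioned on this page.

```python
import ipaddress
import re

# Constructed sample: Windows `netstat -an` rows and Linux `ss -ltn` rows,
# mirroring the page (Jenkins on 8080 reachable, Gitblit on 8082 not).
SAMPLE = """\
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:8082         0.0.0.0:0              LISTENING
  TCP    192.168.178.3:139      0.0.0.0:0              LISTENING
  TCP    192.168.178.3:50412    192.168.178.20:445     ESTABLISHED
LISTEN 0      511          [::1]:80         [::]:*
LISTEN 0      4096             *:8000          *:*
"""

# The first "address:port" token on a row is the local endpoint in both tools.
ENDPOINT = re.compile(r"(\[[0-9a-fA-F:]*\]|\*|[0-9.]+):(\d+)(?=\s|$)")


def classify(addr):
    """Return 'all-interfaces', 'loopback-only' or 'single-interface'."""
    addr = addr.strip("[]")
    if addr == "*":
        return "all-interfaces"
    ip = ipaddress.ip_address(addr)
    if ip.is_unspecified:          # 0.0.0.0 or ::
        return "all-interfaces"
    if ip.is_loopback:             # 127.0.0.0/8 or ::1
        return "loopback-only"
    return "single-interface"


def audit_listeners(text):
    """Map each listening port to the scope of the address it is bound to."""
    result = {}
    for line in text.splitlines():
        if "LISTEN" not in line.upper():
            continue                # skip established connections and headers
        match = ENDPOINT.search(line)
        if match:
            result[int(match.group(2))] = classify(match.group(1))
    return result


if __name__ == "__main__":
    for port, scope in sorted(audit_listeners(SAMPLE).items()):
        note = "  <- a port forward cannot reach this" if scope == "loopback-only" else ""
        print(f"{port:>5}  {scope}{note}")
```

A listener reported as `all-interfaces` is reachable on every network the host is attached to, so it should be paired with a host firewall rule that limits who may connect.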
