OPNsense Forum

Archive => 24.1, 24.4 Legacy Series => Topic started by: p.dungel on May 19, 2024, 11:22:37 PM

Title: network reflection - local web server - ssl certificate
Post by: p.dungel on May 19, 2024, 11:22:37 PM
I set up network reflection based on this guide: https://docs.opnsense.org/manual/how-tos/nat_reflection.html#nat-method1
Now I'm finally able to reach my local webserver via its external IP from my router - which has not worked before, even though I could access the webserver via external IP from other LAN clients.

The problem now is, when I try to curl https://mydomain.com from the router's console I get an error (curl: (60) SSL: no alternative certificate subject name matches target host name 'mydomain.com')
I use Let's Encrypt wildcard certificates, which work both for my other LAN clients and for external clients.

Anyone got an idea what the problem could be?

My setup:

            ISP
             |
             |
     Router 192.168.0.1
             |
           /   \
         /       \
       /           \
webserver       other lan clients
192.168.0.2     192.168.0.3-100 (from dhcp)

Title: Re: network reflection - local web server - ssl certificate
Post by: bartjsmit on May 20, 2024, 08:34:14 AM
Instead of curl use openssl s_client -trace -connect mydomain.com:443
Title: Re: network reflection - local web server - ssl certificate
Post by: p.dungel on May 21, 2024, 11:07:36 AM
Thanks for your reply, but

firstly, that would not have solved the problem, since I could not access the domain via GUI as well, and secondly, as it turned out, since I left the HTTPS port for the GUI at 443, it seems that the response came from the OPNsense client and not the webserver, because since I changed the HTTPS port to something different I again get no answer, as my original problem was.
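
Added example, not part of the thread or of OPNsense: a small check that turns the curl (60) error into a statement of which names the answering service presented, which is how a firewall GUI answering on 443 can be told apart from the web server behind it. The certificate dicts use the shape returned by Python's ssl.SSLSocket.getpeercert(); both sample certificates and the name OPNsense.localdomain are constructed assumptions.

```python
# Added example: certificate contents below are constructed, not captured.

def san_dns_names(cert):
    """Return the DNS entries of subjectAltName, lower-cased."""
    return [v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"]

def name_matches(pattern, host):
    """RFC 6125 style match: '*' only as the whole left-most label, one label deep."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = host.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        return False  # a wildcard never spans more (or fewer) labels
    if p_labels[0] == "*":
        # Refuse overly broad patterns such as '*.com'.
        return len(p_labels) >= 3 and h_labels[0] != "" and p_labels[1:] == h_labels[1:]
    return p_labels == h_labels

def explain(cert, host):
    """Report which presented names, if any, cover the requested host."""
    names = san_dns_names(cert)
    matched = [n for n in names if name_matches(n, host)]
    return {"host": host, "presented": names, "matched": matched, "ok": bool(matched)}

# Constructed: what a wildcard certificate on the web server might carry.
WEBSERVER_CERT = {
    "subject": ((("commonName", "mydomain.com"),),),
    "subjectAltName": (("DNS", "mydomain.com"), ("DNS", "*.mydomain.com")),
}

# Constructed: a self-signed certificate such as a firewall GUI might present.
GUI_CERT = {
    "subject": ((("commonName", "OPNsense.localdomain"),),),
    "subjectAltName": (("DNS", "OPNsense.localdomain"),),
}

if __name__ == "__main__":
    for label, cert in (("web server", WEBSERVER_CERT), ("firewall GUI", GUI_CERT)):
        result = explain(cert, "mydomain.com")
        verdict = "matches" if result["ok"] else "no SAN matches (curl error 60)"
        print(f"{label}: presented {result['presented']} -> {verdict}")
```

If the names presented on port 443 are not the ones issued for the web server, the connection terminated on a different service than the intended one.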