OPNsense Forum
Archive => 21.1 Legacy Series => Topic started by: norgan on March 27, 2021, 12:22:43 pm
-
Hi All,
I have nginx set up on my opnsense router. It works on the lan no problems at all, however, I cannot access the one server I want to be public accessable from the internet.
I see the client in the firewall logs coming from the test client's public ip going to the wan ip, but I don't see that in the access logs for nginx.
So nginx works from lan, traffic is getting to the firewall and should be getting to nginx.
IPv4 TCP * * WAN address 443 (HTTPS) * * Public SSL
IPv4 TCP * * LAN address 443 (HTTPS) * * Local HTTPS LAN to NGINX
Fiddler shows this:
fiddler.network.https> HTTPS handshake to home.norgan.net (for #399) failed. System.IO.IOException Authentication failed because the remote party has closed the transport stream.
Curl shows this:
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection
Firewall WAN rule log shows traffic:
clientpubip:53810 wanip:443 tcp Public SSL NGINX
I do have multi-wan, thinking maybe nginx isn't binding to the public interface and therefore we get an ss; handshake failure.
-
So, once I got my head around the ha proxy deal, all i had to do was bind to the external ip on the real servers page. But for enginx plugin I cannot see anywhere this is possible other than perhaps editing the nginx.conf file directly.