OPNsense Forum

Archive => 21.1 Legacy Series => Topic started by: norgan on March 27, 2021, 12:22:43 pm

Title: NGINX Public access no working but LAN ok
Post by: norgan on March 27, 2021, 12:22:43 pm

Hi All,

I have nginx set up on my opnsense router. It works on the lan no problems at all, however, I cannot access the one server I want to be public accessable from the internet.

I see the client in the firewall logs coming from the test client's public ip going to the wan ip, but I don't see that in the access logs for nginx.
So nginx works from lan, traffic is getting to the firewall and should be getting to nginx.

Code: [Select]

IPv4 TCP * * WAN address 443 (HTTPS) * * Public SSL

Code: [Select]

IPv4 TCP * * LAN address 443 (HTTPS) * * Local HTTPS LAN to NGINX
Fiddler shows this:

Code: [Select]

fiddler.network.https> HTTPS handshake to home.norgan.net (for #399) failed. System.IO.IOException Authentication failed because the remote party has closed the transport stream.
Curl shows this:

Code: [Select]

curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection
Firewall WAN rule log shows traffic:

Code: [Select]

clientpubip:53810 wanip:443 tcp Public SSL NGINX

I do have multi-wan, thinking maybe nginx isn't binding to the public interface and therefore we get an ss; handshake failure.

Title: Re: NGINX Public access no working but LAN ok
Post by: norgan on March 28, 2021, 12:52:32 pm

So, once I got my head around the ha proxy deal, all i had to do was bind to the external ip on the real servers page. But for enginx plugin I cannot see anywhere this is possible other than perhaps editing the nginx.conf file directly.