Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - frenchish

Pages1
#1
18.7 Legacy Series / Re: NGINX listen on WAN
December 13, 2018, 11:11:41 PM
Fabian, thanks for the pointer.

It turns out it was a floating rule needed rather than a rule on the WAN port only.

I would like to understand floating rule more but can not find anything in the documentation, are there commands for listing the internal firewall rules and how these tie together, like iptables i suppose.

All good now :)
#2
18.7 Legacy Series / Re: NGINX listen on WAN
December 13, 2018, 06:18:56 PM
Hey Fabian

Yes have done these, but no dice.

See answers inline quoted

Quote from: fabian on December 13, 2018, 05:24:53 PM
1. Define an upstream server
desc= int_www server=1.1.1.1 port:8080
2. Define an upstream (set the upstream server from (1))
desc=int_up Servers=int_www
3. Define a location and set the upstream  from (2)
desc=int_loc url_pattern:/ upstream=int_up
4. define an HTTP server and use the location from (3)
servername=test.example.local listenhttpport=81 location=int_loc
5. click the orange buttons with two arrows at the bottom of the view and it should work
Done

---
I have not written the other mandatory fields but I am sure you know what to fill in.
TLS requires that you add a certificate (with key).

also works from inside but not on the external interface WAN

Am I right in thinking this should work externally with a rule to allow external addrs to the firewall on the http server port configured in nginx?

Thanks for the quick response.
#3
18.7 Legacy Series / NGINX listen on WAN
December 13, 2018, 05:05:15 PM
Hi All

I am trying to setup nginx as a reverse proxy on the WAN to a webserver on the LAN.

I have followed the guide here https://docs.opnsense.org/manual/how-tos/nginx.html?highlight=nginx to the letter and know I have the correct internal host configured as the Upstream server, all settings followed.

I am starting to think this requires some configuration elsewhere that I am missing.

I have also configured the WAN interface on the firewall to allow connection to "This Firewall" on the port configured under the nginx "http server" port.

Also with the configuration internally the proxy works fine, if I point my LAN side browser at the LAN IP on the firewall I get proxied to the webserver fine, only failed WAN side.

Completely stumped here, any pointer much appreciated.


Pages1