Menu

Show posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Show posts Menu

Messages - fforstik

Pages1 2
#1
24.7, 24.10 Legacy Series / Re: Opnsense 24.7.2 broke nginx server
September 04, 2024, 04:31:49 AM
well probably stay as I see lots of issues raised by other people..

for my situation there could be:
    A) my HW is not supported (im using N6005 CPU and i226 2.5Gbe ethernet)
    B) new update clean some of the files and logs and messed with the config as I have always did the upgrade from GUI since late 2022. (so almost 2 years without clean install)

Because I have tried clean install and didnt worked I suspect that might be a combination of two.. It will be interesting if other people experience the same or similar issue with Nginx plugin and WAF with fresh clean install and not just upgrade to see if its just my device or global issue..  ;)
#2
24.7, 24.10 Legacy Series / Re: Opnsense 24.7.2 broke nginx server - WAF denied access
September 03, 2024, 09:57:52 PM
so after multiple tries and search I have found this forum which is very similar to my issue.
https://forum.opnsense.org/index.php?topic=19305.30
  - basically its says that after deleting logs it "mess" with the configuration which could happend when I have updated from 24.7 to 24.7.2


Anayway, because I have clean Opnsense install from late 2022 and always did upgrade I was trying to do a clean install and reconfigure the nginx (without any backup import) and it was the same thing. Same issue
#3
24.7, 24.10 Legacy Series / Re: Opnsense 24.7.2 broke nginx server
August 28, 2024, 02:32:06 AM
Dont know if 24.7.1 or 24.7.2 broke as I have moved from version 24.7.0 but i see that in version 24.7.1 were some os-acme-client update and in version 24.7.2 more system update and cleanup as well..

Just wondering if other people have the same issue or similar based on what i see in the forum about other issues like CPU, sensors etc.. with the new 24.7.x upgrade..
#4
24.7, 24.10 Legacy Series / Re: Opnsense 24.7.2 broke nginx server
August 27, 2024, 02:15:54 PM
It was all working fine as I was able to access the server just before the update to 24.7.2. No other changes.

Im using ACME plugin for the SSL cert (Lets encrypt)

in ngix plugin in Logs-HTTP error:
2024/08/28   00:06:47   error   82877#100122   *1 SSL_do_handshake() failed (SSL: error:0A00010B:SSL routines::wrong version number) while SSL handshaking to upstream, client: <public IP>, server: <Nextcloud Domain name website>, request: "GET /favicon.ico HTTP/1.1", upstream: "https://<Internal server IP>:11000/favicon.ico", host: "<Nextcloud Domain name website>", referrer: "https://<Nextcloud Domain name website>"

2024/08/28   00:06:47   error   82877#100122   *5 SSL_do_handshake() failed (SSL: error:0A00010B:SSL routines::wrong version number) while SSL handshaking to upstream, client: <public IP>, server: <Nextcloud Domain name website>, request: "GET / HTTP/1.1", upstream: "https://<Internal server IP>:11000/", host: "<Nextcloud Domain name website>"

2024/08/28   00:06:47   error   82877#100122   *1 SSL_do_handshake() failed (SSL: error:0A00010B:SSL routines::wrong version number) while SSL handshaking to upstream, client: <public IP>, server: <Nextcloud Domain name website>, request: "GET /favicon.ico HTTP/1.1", upstream: "https://<Internal server IP>:11000/favicon.ico", host: "<Nextcloud Domain name website>", referrer: "https://<Nextcloud Domain name website>"

2024/08/28   00:06:44   error   82877#100122   *1 SSL_do_handshake() failed (SSL: error:0A00010B:SSL routines::wrong version number) while SSL handshaking to upstream, client: <public IP>, server: <Nextcloud Domain name website>, request: "GET /favicon.ico HTTP/1.1", upstream: "https://<Internal server IP>:11000/favicon.ico", host: "<Nextcloud Domain name website>", referrer: "https://<Nextcloud Domain name website>"

2024/08/28   00:06:44   error   82877#100122   *1 SSL_do_handshake() failed (SSL: error:0A00010B:SSL routines::wrong version number) while SSL handshaking to upstream, client: <public IP>, server: <Nextcloud Domain name website>, request: "GET /favicon.ico HTTP/1.1", upstream: "https://<Internal server IP>:11000/favicon.ico", host: "<Nextcloud Domain name website>", referrer: "https://<Nextcloud Domain name website>"
#5
24.7, 24.10 Legacy Series / Re: Opnsense 24.7.2 broke nginx server
August 27, 2024, 01:38:36 PM
only in
    - log-HTTPS access: status code 502
    - log-HTTP Error: SSL_do_handshake() failed (SSL: error:0A00010B:SSL routines::wrong version number) while SSL handshaking to upstream, client:
#6
24.7, 24.10 Legacy Series / Re: Opnsense 24.7.2 broke nginx server
August 27, 2024, 01:22:41 PM
i see only in debug log: NGINX setup routine started.

nothing else..
#7
24.7, 24.10 Legacy Series / Opnsense 24.7.2 broke nginx server
August 27, 2024, 01:16:24 PM
Hello

I have updated from 24.7 -> 24.7.2 and since then i have an issue for the ngning and able to access the server behind this..

It show this message if i will hit the ngning (plugin on opnsense)

Server Error
Sorry, but something went wrong on our side.

There is nothing you can do except waiting until we fix the issue.
Web Application Protection by OPNsense
#8
Tutorials and FAQs / Re: Caddy (reverse proxy) plugin + Nextcloud AIO
August 17, 2024, 01:33:00 AM
Thanks..

Have tried and didnt work, so i might have something wrong with my Opnsense even I have reinstalled the plugin..


So I have switched to Ngnix for now as it worked without any isssue. I might try Caddy in a short future again.
#9
Tutorials and FAQs / Re: Caddy (reverse proxy) plugin + Nextcloud AIO
August 08, 2024, 08:11:20 AM
Thank.. yes. thats the similar what I have used.. I have also posted on Nextcloud forum where I have listed my config as well..
https://help.nextcloud.com/t/nextclou-aio-install-caddy-reverse-proxy-opnsense-white-login-page/200032/6

Anyway, tried modify the URL handle and still doesnt work..
  - also trie based on the Opnsense giude setup reverse proxy for Opnsense admin GUI portal and doesnt work either..
#10
Tutorials and FAQs / Re: Caddy (reverse proxy) plugin + Nextcloud AIO
August 07, 2024, 09:58:36 PM
i will try once more, but its interesting that nginx works like a charm without additional afford and Caddy based on the guide doesnt work.
    - It doesnt seems like Opnsense misconfiguration
#11
Tutorials and FAQs / Re: Caddy (reverse proxy) plugin + Nextcloud AIO
August 07, 2024, 01:56:41 PM
I have done that based on the configuration https://docs.opnsense.org/manual/how-tos/caddy.html

and still nothing...

Im just wondering if the Caddy plugin works in general :-)
#12
Tutorials and FAQs / Re: Caddy (reverse proxy) plugin + Nextcloud AIO
August 07, 2024, 01:28:20 PM
the domain name is: subdomain.domainname

I have tried to setup also as domain = domain
and create subdomain and use it in the handler

but it was the same issue..
#13
Tutorials and FAQs / Re: Caddy (reverse proxy) plugin + Nextcloud AIO
August 07, 2024, 01:25:36 PM
same.. I was playing with the TLS earlier like:

Unchecked:  TLS Insecure Skip Verify
Unchecked: TLS

checked:  TLS Insecure Skip Verify
Unchecked: TLS

Unchecked:  TLS Insecure Skip Verify
checked: TLS

checked:  TLS Insecure Skip Verify
checked: TLS


But the same issue
#14
Tutorials and FAQs / Re: Caddy (reverse proxy) plugin + Nextcloud AIO
August 07, 2024, 01:19:28 PM
Unchecked:  TLS Insecure Skip Verify
Unchecked: TLS

and the same problem
#15
Tutorials and FAQs / Re: Caddy (reverse proxy) plugin + Nextcloud AIO
August 07, 2024, 12:54:03 PM
Yes, I can open Nextcloud login page on local server:11000

I have installed nginx plugin and configured the reverse proxy exactly as this: https://forum.opnsense.org/index.php?topic=19305.0

and I can access it even on my domain and externally as well..

There must be some issue with the Caddy config which I have missed... I hope some =one can point me to the right direction.

Caddy:
Pages1 2