OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Profile of OPNSense_toq »
  • Show Posts »
  • Messages
  • Profile Info
    • Summary
    • Show Stats
    • Show Posts...
      • Messages
      • Topics
      • Attachments

Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

  • Messages
  • Topics
  • Attachments

Messages - OPNSense_toq

Pages: [1]
1
General Discussion / Re: Caddy won't route external requests - get Default deny / state violation
« on: April 12, 2024, 06:35:40 pm »

I knew it was something stupid simple that I was missing.  Thank you for your comment.   I had port forwards in place for 80 and 443.  (Firewall -> NAT -> Port Forward) Completely forgotten about them. Removed those, everything works as expected.

Thank you everyone for your help.

2
General Discussion / Re: Caddy won't route external requests - get Default deny / state violation
« on: April 11, 2024, 09:33:08 pm »
An any/any floating rule does appear to allow caddy to forward requests but they go to the wrong port. does that offer any insight?  I can look into it more later.

3
General Discussion / Re: Caddy won't route external requests - get Default deny / state violation
« on: April 11, 2024, 09:12:04 pm »
Wow, there is a lot in FIREWALL: DIAGNOSTICS: STATISTICS: rules.

is there an easy way to output that? from command line maybe?

4
General Discussion / Re: Caddy won't route external requests - get Default deny / state violation
« on: April 11, 2024, 07:56:38 pm »
screenshot is attached. Is there another way to list the rules?

5
General Discussion / Re: Caddy won't route external requests - get Default deny / state violation
« on: April 11, 2024, 07:26:05 pm »
Yes, OPNSense is on 8443.

6
General Discussion / Caddy won't route external requests - get Default deny / state violation
« on: April 11, 2024, 07:15:38 pm »
OPNSense 24.1.5_2-amd64
Caddy os-caddy (installed)   1.5.3

I have installed caddy and gotten internal requests to https://server1.mydomain.tld to route properly. Works great. However, if I try to hit the same site from external I get Default deny / state violation error in the logs. So I know the request is actually making it to my OPNsense but for some reason they aren't making it to Caddy.

I do have Firewall rules on both the LAN and WAN interfaces that point 80 and 443 to 'This Firewall' as specified in the documentation. But it doesn't look like the external requests are actually making it that far.

I tried troubleshooting this with the folks at Caddy but they sent me over here. Here is the support thread.
https://caddy.community/t/caddy-opnsense-internal-working-external-not/23426/9

Appreciate any help or ideas of what to look at. Thanks.

Pages: [1]
OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2