Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
wrong SSL cert showing for Port Forwarded Web Server
« previous
next »
Print
Pages: [
1
]
Author
Topic: wrong SSL cert showing for Port Forwarded Web Server (Read 1157 times)
hardingt
Newbie
Posts: 3
Karma: 0
wrong SSL cert showing for Port Forwarded Web Server
«
on:
October 01, 2021, 03:40:05 am »
Hello Community!
Just set up my first firewall appliance and I'm having trouble connecting to a webserver on my LAN from the internet.
When I hit up the web address, I am getting ERR_CERT_AUTHORITY_INVALID, which makes sense because the CERT is the self signed one owned by the firewall: OPNsense.localdomain
What doesn't make sense (yet) is why it is serving that one at all instead of passing the traffic through to the internal server, which has its own letsencrypt cert which worked just prior to the firewall's installation.
So far, I've set up the Firewall -> Nat -> Port forwarding on 443
Source: Any
Destination: WAN address
Redirect Target: 192.168.1.98
Filter Rule Associate: Pass
I'm sure there's a gotcha (or a number of gotchas) I'm missing here.
«
Last Edit: October 01, 2021, 04:06:20 am by hardingt
»
Logged
fabian
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: wrong SSL cert showing for Port Forwarded Web Server
«
Reply #1 on:
October 01, 2021, 08:52:11 am »
You need to move the web interface to another port and disable the automatic redirect to make this work.
Logged
hardingt
Newbie
Posts: 3
Karma: 0
Re: wrong SSL cert showing for Port Forwarded Web Server
«
Reply #2 on:
October 01, 2021, 03:30:01 pm »
Alright! I've moved the interface from 443 to 8443 and partial success! I now get _nothing_ when I hit up my URL.
I was wondering if you could give an assist with the
disable the automatic redirect
Is that associated with the anti lockout rules? or elsewhere in the interface?
Apologies for the size of the image, I can't find the spoiler tags
Logged
hardingt
Newbie
Posts: 3
Karma: 0
Re: wrong SSL cert showing for Port Forwarded Web Server
«
Reply #3 on:
October 01, 2021, 04:29:59 pm »
Success!, I'll make a new topic for NAT reflection woes (can't access the site internally)
But the trick was first as fabian mentioned to move the admin port
Then I had to straight up delete the Port Forwarding rule, apply changes, then recreate it
At that point it created the associated Firewall rule and voila!
Thanks for the help!
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
wrong SSL cert showing for Port Forwarded Web Server