NGINX public access not working but LAN OK

Started by norgan, March 27, 2021, 12:22:43 PM

March 27, 2021, 12:22:43 PM Last Edit: March 27, 2021, 01:07:49 PM by norgan
Hi All,

I have nginx set up on my OPNsense router. It works on the LAN with no problems at all; however, I cannot access the one server I want to be publicly accessible from the internet.

I see the client in the firewall logs coming from the test client's public IP going to the WAN IP, but I don't see that in the access logs for nginx.
So nginx works from the LAN, traffic is getting to the firewall and should be getting to nginx.

IPv4 TCP * * WAN address 443 (HTTPS) * * Public SSL
IPv4 TCP * * LAN address 443 (HTTPS) * * Local HTTPS LAN to NGINX

Fiddler shows this:
fiddler.network.https> HTTPS handshake to home.norgan.net (for #399) failed. System.IO.IOException Authentication failed because the remote party has closed the transport stream.

Curl shows this:
curl: (35) OpenSSL SSL_connect: SSL_ERROR_SYSCALL in connection

Firewall WAN rule log shows traffic:
clientpubip:53810 wanip:443 tcp Public SSL NGINX

I do have multi-WAN; thinking maybe nginx isn't binding to the public interface and therefore we get an SSL handshake failure.

So, once I got my head around the HAProxy deal, all I had to do was bind to the external IP on the real servers page. But for the nginx plugin I cannot see anywhere this is possible other than perhaps editing the nginx.conf file directly.