Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
24.7 Production Series
»
OPNsense web gui through reverse proxy
« previous
next »
Print
Pages: [
1
]
Author
Topic: OPNsense web gui through reverse proxy (Read 623 times)
blarg3891
Newbie
Posts: 1
Karma: 0
OPNsense web gui through reverse proxy
«
on:
September 17, 2024, 03:53:08 am »
This seems to have just started happening with latest version. I have a proxy host setup on nginx proxy manager for opnsense gui https on 443. It all works fine except for one function. When I make a change that requires "apply" settings as opposed to just save, I get a "502 bad gateway." The apply does occur but when opnsense forwards back to the same page, it gets this error. Nginx logs show this.
[error] 2174#2174: *370905 upstream prematurely closed connection while reading response header from upstream, client: 192.168.x.x, server: fw.bxyz.net, request: "POST /interfaces.php?if=opt5&group=Force53_DNS HTTP/2.0", upstream: "
https://192.168.x.y:443/interfaces.php?if=opt5&group=Force53_DNS
", host: "fw.bxyz.net", referrer: "
https://fw.bxyz.net/interfaces.php?if=opt5&group=Force53_DNS
"
On the web client I only see the following error which doesnt really help.
Request URL:
https://fw.bxyz.net/interfaces.php?if=opt5&group=Force53_DNS
Request Method:
POST
Status Code:
502 Bad Gateway
Remote Address:
192.168.x.z:443
Referrer Policy:
same-origin
I tried changing read time out values, adjusting different settings in the admin menu in opnsense, switching to an http proxy host. Any help would be much appreciated.
Logged
Amodin
Newbie
Posts: 18
Karma: 2
Re: OPNsense web gui through reverse proxy
«
Reply #1 on:
September 17, 2024, 10:34:56 pm »
IMO, this is dangerous to open your firewall GUI to this exposure. But, if you want to keep this, then I would consider changing your GUI port to something like 9443, because what's most likely happening is your 443 traffic that should just be pointed to NGINX is interfering with your same port as the GUI.
You can change the firewall admin GUI port in your interface, but on NGINX, you would identify the port in your destination address.
So, if you want to go to badidea.myfirewall.com:443, your destination address in NGINX would read: badidea.firewall.local:9443.
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
24.7 Production Series
»
OPNsense web gui through reverse proxy