Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
Web Proxy Filtering and Caching
(Moderator:
fabian
) »
NGINX reverse proxy configuration help needed (Solved)
« previous
next »
Print
Pages: [
1
]
Author
Topic: NGINX reverse proxy configuration help needed (Solved) (Read 7978 times)
Jaco1960
Newbie
Posts: 6
Karma: 0
NGINX reverse proxy configuration help needed (Solved)
«
on:
April 27, 2020, 11:45:07 pm »
Hi,
I have a problem with setting up nginx as a reverse proxy. I followed the guide on setting it up as a loadbalancer and used the advices found here on this forum, but so-far I have not been able getting it to work.
Let me first explain what I want to achieve:
- i have an internal server running on
https://192.168.x.y:5001
- i want to access this server from the internet via
https://myserver.mydomain.com/
DNS has been configured such that myserver.mydomain.com points to my WAN IP.
I have installed the os-nginx plugin and have it enabled and up and running with the following settings:
Services: NGINX: Configuration: General
- Enable nginx: Checked
Services: NGINX: Configuration: Upstream Server
- Description: myserver_server
- Server: 192.168.x.y
- Port: 5001
- Server Priority: 1
- other settings: default
Services: NGINX: Configuration: Upstream
- Description: myserver_upstream
- Server Entries: myserver_server
- other settings: default
Services: NGINX: Configuration: HTTP(S): Location
- Description: myserver_location
- URL Pattern: /
- Match Type: None
- Upstream Servers: myserver_upstream
- other settings: default
Services: NGINX: Configuration: HTTP(S): HTTP Server
- HTTP Listen Port: [blank]
- HTTPS Listen Port: 443
- Server Name: localhost
- Location: myserver_location
- other settings: default
I also have setup a firewall rule to allow WAN traffic port 443 from any source to “this firewall”
Logging shows that the https request from the internet to
https://myserver.mydomain.com/
is passed, however nginx does not show anything in the HTTP(s) logs
I have also tried for the HTTP server name various alternatives.
- “Localhost”
- “127.0.0.1”
- “myserver.mydomain.com”
- “My WAN IP adress”
Does anyone have a suggestion to get this working:
- Is there something in the Nginx configuration incorrect or missing
- What HTTP server name should I use?
- Is the firewall rule correct?
- Anything else?
«
Last Edit: May 03, 2020, 10:28:16 pm by Jaco1960
»
Logged
fabian
Moderator
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: NGINX reverse proxy configuration help needed
«
Reply #1 on:
April 28, 2020, 06:27:24 am »
Have you moved the web interface to another port? By default 80 and 443 are blocked.
Logged
Jaco1960
Newbie
Posts: 6
Karma: 0
Re: NGINX reverse proxy configuration help needed
«
Reply #2 on:
April 28, 2020, 09:36:38 pm »
For OPNsense web GUI both http and https are set to port 440. If I connect on port 80 to the firewall it redirects to the web GUI https on port 440. If I connect to port 443, the connection times out.
Logged
fabian
Moderator
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: NGINX reverse proxy configuration help needed
«
Reply #3 on:
April 28, 2020, 10:15:08 pm »
Have you disabled the redirect rule after the port in the administration page for the firewall web interface?
Logged
Jaco1960
Newbie
Posts: 6
Karma: 0
Re: NGINX reverse proxy configuration help needed
«
Reply #4 on:
April 28, 2020, 11:55:04 pm »
I do now, but it does not make a difference
Logged
Jaco1960
Newbie
Posts: 6
Karma: 0
Re: NGINX reverse proxy configuration help needed
«
Reply #5 on:
May 02, 2020, 10:11:12 pm »
I have had a closer look to the Nginx.conf and found that it was not updating when I made changes in the OPNSense configuration pages for Nginx. The way to get this solved it to go the the general settings tab and hit the Apply button and then restart Nginx. Having an "Apply" button and a warning in the GUI on the other tabs would be nice...
After having figured that out, I now see that nginx logs the request made. But now I hit a new problem. Nginx responds with a 404 error. I use "myserver.mydomian.com" for the HTTP Server name. Any idea's?
Logged
fabian
Moderator
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: NGINX reverse proxy configuration help needed
«
Reply #6 on:
May 02, 2020, 10:18:08 pm »
First issue: There is a config reload button on the bottom of the page.
Second question: can you post the nginx config of the server segment which does not work?
«
Last Edit: May 02, 2020, 10:19:41 pm by fabian
»
Logged
Jaco1960
Newbie
Posts: 6
Karma: 0
Re: NGINX reverse proxy configuration help needed
«
Reply #7 on:
May 02, 2020, 11:15:08 pm »
First issue: In my screen there is no reload button at the bottom of the page. See screenshot. I run the vastest version OPNSense
I have attached the nginx.conf
Logged
hbc
Hero Member
Posts: 501
Karma: 47
Re: NGINX reverse proxy configuration help needed
«
Reply #8 on:
May 03, 2020, 08:29:09 am »
Of course there is a reload button. There orange red circled arrows on right, bottom.
Logged
Intel(R) Xeon(R) Silver 4116 CPU @ 2.10GHz (24 cores)
256 GB RAM, 300GB RAID1, 3x4 10G Chelsio T540-CO-SR
fabian
Moderator
Hero Member
Posts: 2769
Karma: 200
OPNsense Contributor (Language, VPN, Proxy, etc.)
Re: NGINX reverse proxy configuration help needed
«
Reply #9 on:
May 03, 2020, 08:42:55 pm »
your slash is wrong - it should be "/" instead of "\". The one yo uget on shift + 7 on the German keyboard or the one beside the dot as far as I know on the US keyboard.
Logged
Jaco1960
Newbie
Posts: 6
Karma: 0
Re: NGINX reverse proxy configuration help needed
«
Reply #10 on:
May 03, 2020, 10:27:58 pm »
Solved!
Many thanks Fabian. I totally overlooked the \ instead of / .
NB: the reload button deviates a lot from the normal Apply button found in the other OPNsense screens. Also it has a refresh icon, to make things more confusing
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
Web Proxy Filtering and Caching
(Moderator:
fabian
) »
NGINX reverse proxy configuration help needed (Solved)