Ports Closing NGINX

[Selfhoster]

Hello

Im really sorry to ask such a stupid question but I struggling with something on OPNsense. I have running Opensense as a VM in Unraid. I have setup port forward for 80 & 443 to NGINX Proxy manager.
The weird thing is, if I refresh/restart the NGINX container the ports open and all works well.... however this only lasts a couple of minutes before they close again and I cant access my websites.
I don't understand why or how they are being closed.

Here is a picture of my forward & Rules https://imgur.com/a/uTX5BIk

I am really sorry I am not a network engineer just a guy at home trying to do his best with what he has.
Any help would be great and thank you.

[bimbar]

Not sure why you have so many rules for that, usually you would just open port 80 and 443 with destination "This Firewall" at the appropriate place, and start nginx.
There's not usually a need for NAT.

[Selfhoster]

I was told on Reddit thats what I needed to do, being honest its a lot more complicated then I anticipated

[Monviech (Cedrik)]

Have you made sure the HTTPS Port you access the firewall with was changed from 443 to something else, like 4443 for example?

System: Settings: Administration: TCP port

Also if the NGINX runs behind the OPNsense as container, you need the NAT rules.

[bimbar]

I assumed the nginx to be running on opnsense.

[Selfhoster]

I assumed the nginx to be running on opnsense.

No a Docker in Unraid

[Selfhoster]

Have you made sure the HTTPS Port you access the firewall with was changed from 443 to something else, like 4443 for example?

System: Settings: Administration: TCP port

Also if the NGINX runs behind the OPNsense as container, you need the NAT rules.
[/quote ]

I hadn't no but I have now :)

[Selfhoster]

Have you made sure the HTTPS Port you access the firewall with was changed from 443 to something else, like 4443 for example?

System: Settings: Administration: TCP port

Also if the NGINX runs behind the OPNsense as container, you need the NAT rules.

You sir are amazing, 2 god dam days and that's what it was ! FML

[Monviech (Cedrik)]

Great, also good job at implementing Hairpinning :)

[Selfhoster]

TBF that wasn't that bad, took about 3 mins, I went with option 2. that came from reddit but honestly, I have an issue with Reddit and Keyboard warriors I ended up getting in an argument with someone in self-hosted yesterday because he wanted to flex.

Im still getting around Opnsense and I was on the verge of going back to OpenWrt as I could get this to work. now this is working I can start getting it up and running as its pretty cool. Ive got my net data integration set up.
Its a shame it doesn't have a docker plugin.

Onto wireguard and OpenVPN now

[Monviech (Cedrik)]

Well there are jails on FreeBSD, a jail is like what a container is on linux.

https://forum.opnsense.org/index.php?topic=26975.0

[Selfhoster]

any idea why this is now happening  https://imgur.com/a/T8VDbGr seems laggy but I have plenty of cores

[Monviech (Cedrik)]

If you have performance problems maybe it's best to post an alternative thread in "Hardware" with your exact setup. I'm not sure I can help with that.

[cookiemonster]

any idea why this is now happening  https://imgur.com/a/T8VDbGr seems laggy but I have plenty of cores

If you're refering to the spinning checking for updates, that is using the system's dns settings as set by you, and we've seen a few cases of having ipv6 enabled when unnecessary and that, depending on the isp, might cause you a slow response.

[Selfhoster]

 its gone back and ports closing again now:(