Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Internal access with Nginx Proxy Manager
« previous
next »
Print
Pages: [
1
]
Author
Topic: Internal access with Nginx Proxy Manager (Read 553 times)
scottandbothered
Newbie
Posts: 16
Karma: 0
Internal access with Nginx Proxy Manager
«
on:
September 03, 2024, 02:14:40 am »
Hey Folks - I'm switching over to opnsense and it's been pretty painless.
The port forwards are setup and firewall rules. External access seems to be working fine.
My domain name and subdomain point to my public IP and NPM.
I can't seem to get internal lan access working to my domain / subdomains.
I found a bunch of posts about using unbound overrides to fix this but it doesn't seem to be working. Seems pretty straight forward but I must be missing something.
Logged
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1601
Karma: 176
Re: Internal access with Nginx Proxy Manager
«
Reply #1 on:
September 03, 2024, 07:33:57 am »
Hey,
either use NAT Reflection:
https://docs.opnsense.org/manual/how-tos/nat_reflection.html
Split DNS Zone: (But not with unbound overrides, they can be a bit unreliable. Better with something like BIND that can do proper authoritative zones)
Or even better use a modern reverse proxy directly on the OPNsense:
https://docs.opnsense.org/manual/how-tos/caddy.html
Logged
Hardware:
DEC740
scottandbothered
Newbie
Posts: 16
Karma: 0
Re: Internal access with Nginx Proxy Manager
«
Reply #2 on:
September 03, 2024, 03:47:33 pm »
Thanks. I have "Reflection for port forwards" ticked in the advanced firewall settings.
NPM is running on a vm in my lab. I saw that there is an option built into opnsense - I dont like to keep all my eggs in one basket.
I tried the suggestions in the provided link but still no luck.
Logged
scottandbothered
Newbie
Posts: 16
Karma: 0
Re: Internal access with Nginx Proxy Manager
«
Reply #3 on:
September 03, 2024, 04:20:13 pm »
I got this working. I ticked "Automatic outbound NAT for Reflection" under advanced firewall settings. That's in addition to "Reflection for port forwards"
No other reflections or hairpin or unbound setup was needed after that.
I'll monitor for a day before marking this as solved.
Logged
Monviech (Cedrik)
Global Moderator
Hero Member
Posts: 1601
Karma: 176
Re: Internal access with Nginx Proxy Manager
«
Reply #4 on:
September 03, 2024, 04:25:36 pm »
Yes you need that since your client that tested the connection and your NPM server are most likely in the same subnet. Thats why these Source NAT rules are needed.
If they would be in different routed subnets, that setting would not be needed.
Logged
Hardware:
DEC740
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Internal access with Nginx Proxy Manager