Seemingly straightforward pass rule not working; reverse proxy suspected.

Started by brigmaticlaw, December 18, 2025, 09:59:38 PM

December 18, 2025, 09:59:38 PM Last Edit: December 18, 2025, 10:21:11 PM by brigmaticlaw Reason: Adding context
Hi all,

I'm having a bit of an issue with a rule allowing certain devices on my main network to access select services on my server network. I have the basic "Allow internet/block private networks" and "Allow DNS" rules on each interface. I am attempting to add this new rule to allow devices on the Main interface (VLAN20) to access the services (Jellyfin, Immich, and Home Assistant) hosted on servers in Lab net (VLAN10). With the rule enabled and with my phone connected to the Main net, I cannot access the above services.

I have set up three aliases: one containing the IPs of my two Rokus for Jellyfin access, another containing the MAC addresses of our phones and laptops, and a third which has the URLs of the three services mentioned above. Admittedly I could probably combine the first two, but for now let's just roll with it.

In the "Lab_Services" alias, I am using the FQDNs for each service instead of their IP/ports. I am running all services through Nginx Proxy Manager which is also hosted on a server on the Lab net. Here is what everything looks like:

[Two attachments, not viewable]

My suspicion lies with the reverse proxy since the services alias is using FQDNs instead of IPs. Am I on to something there? Do I need to allow Main net access to the proxy as well so those addresses can be properly routed? Any pointers would be greatly appreciated!