Help forwarding to webdav share
-
I've set a webdav share up on my Freenas as follows:
http://192.168.1.16:5385/webdavshare/
I've then created a DDNS web redirect for this to webdav.ddns.net
I've attached the rules I've setup and I can access it from my internal network but not public. What am I missing?
-
Seems to look OK. When you try it using its public IP address, are you outside your network or still inside? You can't access an internal resource using its external IP address from LAN unless you have NAT Reflection enabled.
-
Yes I've had a mate trying it for me away from my network. Although I also use my phone to test it, that's not on my network. I've had similar issues with ftp too, I just can't figure out what's going on. It has to be a setting somewhere but I've tried just about everything I think.
I don't know if it could be something to do with the config between my pfsense and the BT openreach modem (HG612). The strange thing is If I do I restore to a config from a couple of weeks ago it will work for a few hours. I won't touch anything, and then it just stops working. At least that's what was happening with ftp but I was led to believe http webdav was more firewall/NAT friendly.
I'm at a loss : (
-
Can I assume that you've unchecked the Block Private Networks under Interfaces - WAN - Private Networks?
-
If you are double-natting then the port forward also has to happen on the device that actually has the public IP.
Is your pfSense WAN IP public or private? If you're not sure just state the first two numbers here. (34.45.X.X)
-
The Private networks is unchecked on the interfaces page. I don't believe I'm double NATing, I'm sure I turned all the routing and NAT options off on the modem but I'll double check. It should be just setup in bridge mode, i have it as PPPoe on the interfaces setup. And my WAN IP is public, starts 86:128
-
Then it should be working.
I don't know what a "DDNS web redirect" is. What does it do? All you need is an A or CNAME record that returns your public IP.
Does http://192.168.1.16:5385/webdavshare/ work from LAN? (I see you've already said yes.)
Does http://pu.bl.ic.ip:5385/webdavshare/ work from outside?
Can pfSense ping 192.168.1.16?
-
A web redirect maps your host name to a url. In my case here webdav.ddns.net was set up to point to http://192.168.1.16:5385/webdavshare/
I've just changed it as you said to my public IP as I hadn't realised what I'd done there. This actually works now but with not having a static public IP address, this will obviously cause issues whenever it changes, I'm not sure how else I could get around it. If I set up just a normal DDNS host name it wont work because it needs to point to the actual share name, in my case /webdavshare. The web redirect was the only way around it I could see.
-
Gotcha. So you have a web server running over at dyn that listens and when it gets a hit on HTTP if simply sends a redirect to that URL.
Why not make the redirect go to http://myddnsname/webdavshare and update that hostname with ddns?
-
I don't think I follow what you mean…So have it redirect to http://webdav.ddns.net:5385/webdavshare/ I don't think that would work, or am I misunderstanding you?
-
No. Create another dyndns hostname. Update that hostname with ddns based on pfSense WAN. Have the redirect URL point to that.
-
It needs to point to the webdav share though. Pointing just to to the port won't get to it.
-
Dude. You will still have the web redirect. It will just point to a second ddns name instead of an IP address.
-
I understand what you're saying, but the 2nd ddns name would still need to be configured to point to an ip address. In my case a dynamic one.
So webdav.ddns.net redirects to webdavshare.ddns.net which redirects to the share on 86.128.xx.xx:5385/webdavshare/
Whilst Webdav.ddns.net would keep up to date with any IP changes I'd still need to change the actual share name manually. I think the onlky way around this is to get a static IP but my ISP don't offer them.
-
Ok. One more time. Look at the screenshots below.
![Screen Shot 2015-01-17 at 4.43.33 PM.png](/public/imported_attachments/1/Screen Shot 2015-01-17 at 4.43.33 PM.png)
![Screen Shot 2015-01-17 at 4.43.33 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2015-01-17 at 4.43.33 PM.png_thumb)
![Screen Shot 2015-01-17 at 4.53.14 PM.png](/public/imported_attachments/1/Screen Shot 2015-01-17 at 4.53.14 PM.png)
![Screen Shot 2015-01-17 at 4.53.14 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2015-01-17 at 4.53.14 PM.png_thumb) -
It doesn't allow you to do that though, it comes back as being an invalid url address.
-
What's IT? This certainly has absolutely nothing to do with pfSense. What's this redirect nonsense? Register some DDNS host and get it updated via pfSense. Type the URL into your WebDAV client instead of doing some whacky absolutely useless "redirects" using god knows what service.
-
Yeah, with two colons before the port number it's going to complain it's an invalid URL.
-
Two colons or not
- these "DNS" records do NOT point to your dynamic IP (see below)
- these records do NOT work properly with tons of WebDAV clients since the redirect is done via a webserver of the DynDNS provider (better case would be via webserver's configuration, but it can be done via PHP, HTML or even JS or - yuck - frames)
::) :o
-
What's IT? This certainly has absolutely nothing to do with pfSense. What's this redirect nonsense? Register some DDNS host and get it updated via pfSense. Type the URL into your WebDAV client instead of doing some whacky absolutely useless "redirects" using god knows what service.
It's no-ip DDNS service that I'm using. And Ideally I need this accessible via a web browser rather having to have some 3rd party client software installed. I need customers to be able to access it and download files, I could do without having to ask them to install software beforehand, much easy to send them a link to the share.
-
So send them the link? Really no idea what are you trying to do with the redirect URLs. It won't work properly or at all.
-
The problem I've got is that my ISP uses dynamic IP addresses and it changes a couple of times of week. Therefore sending out a link to the share will only work until my public IP changes. By doing the redirect and pointing to a DDNS name rather than an IP would have solved this problem.
-
Uh. Yes. Replace your dynamic IP in the link with the dynamic hostname. Do NOT use any URL-redirect type service for this. It will NOT work properly and is absolutely NOT needed. In the screenshot above, you should use DNS host (A), and NOT URL!
(And as already noted above, behind double NAT, port-forwarding on pfSense alone will do zilch and it still will not work. Get rid of the double NAT or forward this in both places.)
-
OMFG I surrender.
-
Uh. Yes. Replace your dynamic IP in the link with the dynamic hostname. Do NOT use any URL-redirect type service for this. It will NOT work properly and is absolutely NOT needed. In the screenshot above, you should use DNS host (A), and NOT URL!
(And as already noted above, behind double NAT, port-forwarding on pfSense alone will do zilch and it still will not work. Get rid of the double NAT or forward this in both places.)
The reason I tried this whole web redirect was because what you're suggesting doesn't work. That's exactly how I had it configured to start with.
So…..http://webdav.ddns.net:5385:/webdavshare doesn't work.
And I'm not double Nating, everything is off on the modem, it's in bridge mode to my pfsense box.
-
Yes. Because when your pfSense WAN IP is RFC1918 (192.168.1.16) then it won't work as noted above, multiple times. Go do some reading on double-NAT and bridging modems. You are messing with totally wrong stuff here.
-
webdav.ddns.net is setup with my public IP, I'm not double Nating. Everything is switched off on my modem and it's in bridge mode PPPoe with my pfsense box.
-
And I'm not double Nating, everything is off on the modem, it's in bridge mode to my pfsense box.
You know, grab some WebDAV client that provides some logging and debugging output (no, Windows Explorer is NOT one) and produce some info here when testing from your WAN. And for the last time, the URL forwarding is complete BS. Also, the WebDAV server should have logs.
-
It seems to be working now, I've made a few changes and I'm not sure at the minute which one resolved it but I can now access http://webdav.ddns.net:5385:/webdavshare from the WAN side.
I'll report back when I figure out what it was. Thanks for bearing with me! : )