4. Cannot access url from same webserver

Cannot access url from same webserver

  • B

    Hello,

    I'm quite a newbie so please be gentle.

    1. I have a web server  forwarded port 8080 (http://myurl.com:8080)
    2. Browsing to the url from an external network works fine
    3. Browsing to the url from another pc from the same network works fine
    4. Browsing from the same host to the host url work fine (http://127.0.0.1:8080)
    5. Browsing from the same host to the url gives out the following from the state: CLOSED:SYN_SENT

    Any ideas please? Thank you.

    0
  • B

    State:
    LAN tcp 192.168.20.14:2282 -> my.public.ip.address:8080 CLOSED:SYN_SENT 2 / 0  104 B / 0 B

    0
  • LAYER 8 Global Moderator

    So you using nat reflection?  Or these other hosts resolve myurl.com to your service private IP 192.168.20.14?

    Why would you not just setup host overrride on dns so that myurl.com internally resolves to the 192.168.20.14 IP?

    0
  • B

    @johnpoz:

    So you using nat reflection?  Or these other hosts resolve myurl.com to your service private IP 192.168.20.14?

    Why would you not just setup host overrride on dns so that myurl.com internally resolves to the 192.168.20.14 IP?

    Hi John, thank you for your time.

    Yes I think I am using NAT reflection (it says "Use system default").
    The other hosts does not resolve myurl.com to 192.168.20.14, it points to my public ip, hence with the 8080 port added to the url it forwards fine.

    The main resaon I need this is for letsencrypt ssl. Letsencrypt api needs to browse the host that you are registering the ssl for. So to run the tool successfully, it generally needs to access "http://myurl.com:8080/plus-the-letsencrypt-acme-challenge" using the same host

    Any ideas please?

    0
  • LAYER 8 Global Moderator

    And that has zero to do with using nat reflection.. Set your host override to point myurl.com to your servers local IP and now all your problems go away.

    As to system default - which is what their are different modes of nat reflection. Maybe its disabled?  Mine is..

    Why in the world would you want to hit your public IP, just to be reflected back into yourself..  Just seems pointless!!

    Do yourself a favor - takes .2 seconds to setup.  Just do a host override so your local hosts (using pfsense for dns of course) resolve myurl.com to 192.168.20.14.

    If your trying to do something with ssl, why are you using port 8080?  https would be port 443.  Are you doing a redirect on the port forward from 8080 to 443?  Do you have https listening on 8080 on this server? etc..


    0
  • B

    ah now i see where the complication starts…

    i have a dns server on the network, its a web hosting platform for lots of domains and uses IIS which uses port 80 and 443. http://myurl.com is on an apache box.

    anyways, since i only need to access http://myurl.com:8080 from the host itself every three months (letencrypt ssl renews every 3 months), i just temporarily pointed port 80 to the this ip, and accessed http://myurl.com instead. Then i  generated the ssl certificates and changed it back again.

    its working now but quite weird... now i can access both http://myurl.com:8080 and https://myurl.com:8443 from within the host.

    thank you for your time i really appreciated it.

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy