Port forwarding doesn't work
-
@johnpoz
I can't see 80 or 443 in packet capture, but on other ports I see. So if I run the website on, say, port 773, port forwarding won't work? -
@taylorswift you could for sure use another port.. If you can see the traffic hit your wan, then you can forward it.. You could even forward it to something on 443.. keep in my for a user to access your site they would need to include your port..
http(s)://yourIPorfqdn:port
Browser used by some where http:// would use 80,. https:// would use 443.. If you want to use another port they would have to use the :port in their uri
I run a site on 44301 because it was just easier than messing with haproxy to do another service on 443.. I have openvpn listen on 443, if not vpn traffic it sends it to haproxy on 9443, which forwards to a backend service and does the ssl offload for it.
Vs messing with that setup, I put up a wrapperr thing for users to view their years stats on my plex server, was just easier to use different port.. And I send them a direct link ie https://fqdn:44301 that they just click on..
-
@johnpoz
I also found out that port 8443, witch also is using for https I can see in packet capture, same as port 8080 for http. -
@taylorswift
Remember that Lets Encrypt with webroot needs access to port 80 to hand out certs. -
@viragomann
Is there a way to Let's Encrypt use other port? -
@viragomann said in Port forwarding doesn't work:
access to port 80 to hand out certs.
Not really - just use dns to validate and get your certs. That is how I do it..
-
@johnpoz
Yes, I know. I mentioned, this is with webroot identification, which is the default and widely used. -
@viragomann said in Port forwarding doesn't work:
which is the default and widely used
Not for people that isp block inbound to 80 ;) like this guy..
-
@johnpoz
I‘m in doubt, that his ACME client is knowing that.
-
@viragomann exactly..
-
I'll ask my ISP can he open these ports.
Thank you @viragomann and @johnpoz for help.
