
Need help with accessing resources while internal; externally I can access them

Hello all,

I'm a Sophos home user with a little bit of experience and a problem I can't resolve myself.

I have Nginx proxy manager running in docker so the only ports that are open are 80 and 443.

I use my domain name with wildcards to access the services behind Nginx (*.mydomain.com). Nginx sends them to the right services and it all works from external.

But when I'm in the network (WiFi or LAN) I can't access the services using the domains.

So this is the policy test and that works fine, but when I type the URL in the browser it says it can't connect.

Do you guys have any idea where to look?



This thread was automatically locked due to age.
  • Hi Joeri,

    how do you resolve internal DNS names, do you have an internal DNS server?

    Where do the clients point to for DNS queries?

    Please give us more details about the DNS config on the Sophos?

  • Hello and thank you for the quick reply!

    I have no internal DNS server.

    DHCP gives the gateway as DNS points for clients.

    Sophos uses DNS from DNS.watch.

    I've already tested leaving 127.0.0.1 out and only using the one from dns.watch, but that does not make any difference.

    I hope I have provided the information that you were asking for.

    Edit: added trace route. It seems not good to me, but I'm not an expert.

    with kind regards

    joeri

  • Some more hints:

    testing DNS is always a bit tricky, because caching is involved all over the place.

    After changing settings on the Sophos, always flush the DNS cache of the device.

    After changing settings on the Windows client, use ipconfig /flushdns to clear old entries AND remember to clear the browser cache.

    For recent Macs, do this in a terminal window: sudo killall -HUP mDNSResponder

  • Hello,

    I've done everything you said; it now points to the right internal IP address where my Nginx is running.

    I've only got one problem: the Docker host of Nginx is in br0 mode and the ports are 8443 and 8080 instead of 443 and 80, so I made a NAT rule.

    But the NAT rule doesn't work. Do you have any idea how to solve it?

     

    with kind regards,

    Joeri

  • Hi Joeri,

    NAT works from one network to another; this won't work inside the same network.

    Two solutions:

    1.) move the docker management ports to other ports to free port 80 and 443

    2.) use :8080 :8443 suffix when accessing resources from inside

  • Good evening,

    I solved the issue with the help of a friend.

    The solution for me is to separate my server/Docker/VMs and the clients into different VLANs. Now (almost) everything works fine!

    Thank you for your help and patience.

     

    With kind regards,
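
The checks walked through in this thread (what the name resolves to from inside, and which of the port pairs 80/443 and 8080/8443 actually answer), as an added example that is not part of the original posts. The hostname app.mydomain.com, the sample addresses and the function names are assumptions made for illustration.

```python
import ipaddress
import socket

# Ports from the thread: what the proxy should serve vs. what the Docker host listens on.
STANDARD_PORTS = (80, 443)
DOCKER_PORTS = (8080, 8443)
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def is_internal(address):
    """True if address lies in one of the RFC 1918 private ranges."""
    ip = ipaddress.ip_address(address)
    return any(ip in net for net in RFC1918)


def resolve(hostname):
    """IPv4 addresses the client's own resolver returns (empty list on failure)."""
    try:
        infos = socket.getaddrinfo(hostname, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def port_open(ip, port, timeout=2.0):
    """True if a TCP connection to ip:port succeeds within timeout."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def diagnose(addresses, open_ports):
    """Map resolver output and reachable ports to the situations in the thread."""
    if not addresses:
        return "no DNS answer: check which DNS server DHCP hands to clients"
    if not all(is_internal(a) for a in addresses):
        return "name resolves to a public address: clients do not get the internal IP"
    if set(STANDARD_PORTS) <= set(open_ports):
        return "internal DNS and ports 80/443 are fine"
    if set(open_ports) & set(DOCKER_PORTS):
        return "only 8080/8443 answer: use the port suffix or free 80/443 on the host"
    return "internal address, but neither port pair answers"


if __name__ == "__main__":
    # Placeholder name under the thread's *.mydomain.com wildcard (assumption).
    addrs = resolve("app.mydomain.com")
    ports = [p for p in STANDARD_PORTS + DOCKER_PORTS if addrs and port_open(addrs[0], p)]
    print(addrs, ports, diagnose(addrs, ports))
```

Run it from a client on the LAN after flushing the DNS caches as described above, so the result reflects the current DNS settings rather than a cached answer.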