Results 1 to 8 of 8
  1. #1
    Untangler JohnnyBeGood's Avatar
    Join Date
    Oct 2020
    Location
    US & A
    Posts
    43

    Question Access Nextcloud internally and externally using custom port

    Hey all,


    When I was using pfSense + Pi-hole I believe this feature was called "port rewrite". Basically I have Nextcloud on Ubuntu VM running locally with valid SSL. I can access it using https://nextcloud.mydomain.net.
    When I'm outside my network I opened random port on Untangle ie. https://nextcloud.mydomain.net:55900/ and I can access it that way. If I try to access it using https://nextcloud.mydomain.net:55900/ internally I get time out.


    I'm using Pi-hole as my DNS (192.168.1.116) on Untangle and under "Local DNS Records" I set nextcloud.mydomain.net to point to 192.168.1.115 which internal IP of Nextcloud and I can ping it.
    Is there anyway to be able to access it internally and externally using same port ie. https://nextcloud.mydomain.net:55900/ ?




    Code:
    root@debianpihole:~# ping -c3 nextcloud.mydomain.net
    PING nextcloud.mydomain.net (192.168.1.115) 56(84) bytes of data.
    64 bytes from ubuntu.mydomain.net (192.168.1.115): icmp_seq=1 ttl=64 time=0.194 ms
    64 bytes from ubuntu.mydomain.net (192.168.1.115): icmp_seq=2 ttl=64 time=0.212 ms
    64 bytes from ubuntu.mydomain.net (192.168.1.115): icmp_seq=3 ttl=64 time=0.251 ms
    
    
    --- nextcloud.mydomain.net ping statistics ---
    3 packets transmitted, 3 received, 0% packet loss, time 57ms
    rtt min/avg/max/mdev = 0.194/0.219/0.251/0.023 ms
    root@debianpihole:~#




  2. #2
    Master Untangler
    Join Date
    Apr 2020
    Location
    United Kingdom
    Posts
    125

    Default

    Hi,

    I have Nextcloud running internally and it works the way you're after, but what I did was actually shift Untangle off of the standard port 80 and 443 for its web interface.

    I have a port forward that sends HTTPS on 443 from WAN to Nextcloud (I keep port 80 off until it's time to renew the Letsencrypt cert)...

    So is Apache or whatever on your Nextcloud box listening on port 55900 then?

  3. #3
    Untangler JohnnyBeGood's Avatar
    Join Date
    Oct 2020
    Location
    US & A
    Posts
    43

    Default

    Quote Originally Posted by Armshouse View Post
    Hi,

    I have Nextcloud running internally and it works the way you're after, but what I did was actually shift Untangle off of the standard port 80 and 443 for its web interface.

    I have a port forward that sends HTTPS on 443 from WAN to Nextcloud (I keep port 80 off until it's time to renew the Letsencrypt cert)...

    So is Apache or whatever on your Nextcloud box listening on port 55900 then?
    Thanks for taking time to reply!

    I also keep port 80 off for Letsencrypt until its time. Apache on Ubuntu runs port 80. Nothing is listening on 55900 right now.
    What if in the future I want to run another project similar to Nextcloud on Ubuntu, moving Untangle to random port other than 80 and 443 would get me into problems I assume.
    How are you able to see Nextcloud internally and externally, because all WAN traffic is forwarded to 443?

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    9,694

    Default

    If you use port forward for 80 and/or 443, the Untangle GUI interface needs to be moved from those ports.

    https://wiki.untangle.com/index.php/Services
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Master Untangler
    Join Date
    Apr 2020
    Location
    United Kingdom
    Posts
    125

    Default

    Hi @Johnny

    As you can see, I've moved Untangle onto 4433 for HTTPS and 8888 for HTTP.

    I don't use Pi-hole, but essentially Untangle has the same static host entry for DNS where I have both a short, freindly hostname and the nextcloud.mydomain.com names pointing to the internal address of my Nextcloud Ubuntu box.

    On the WAN side of things, there is a port forward rule that sends 443 traffic from the WAN to the internal IP of Nextcloud.

    I haven't had any problems moving Untangle's web interfaces. It just means that you can't only put in the IP address to get to the web interface, you have to add the :4433 (or whatever) too.
    Attached Images Attached Images

  6. #6
    Untangler JohnnyBeGood's Avatar
    Join Date
    Oct 2020
    Location
    US & A
    Posts
    43

    Default

    Thanks guys!

    It looks like there's no way to use specific address with port ie. https://nextcloud.mydomain.net:55900/ and https://truenas.mydomain.net:55901/ internally and externally? Untangle cannot recognize when I open either one that it does need to go outside the WAN and that both ports 55900 and 55901 are forwarded to service that could be on different computer inside the LAN?

    From looking around various settings inside Untangle and Pi-hole is that using DNS I can point nextcloud.mydomain.net to 192.168.1.115 or truenas.mydomain.net to 192.168.1.116, but the problem is as soon as I add port number at the end it tries to go through the WAN interface.

  7. #7
    Master Untangler
    Join Date
    Nov 2018
    Posts
    119

    Default

    I would suggest (for the WAN side) to start using Reverse Proxy and not exposing open ports to the internet.
    donhwyo likes this.

  8. #8
    Untangler JohnnyBeGood's Avatar
    Join Date
    Oct 2020
    Location
    US & A
    Posts
    43

    Default

    Quote Originally Posted by soldier View Post
    I would suggest (for the WAN side) to start using Reverse Proxy and not exposing open ports to the internet.
    Thank you! I will look into it.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2