My goal is simple : I just want to access my Apache Web server installed on a Ubuntu Server on a local PC behind my box in IPv6.
Using NAT, I can do it with IPv4 but it's a little bit "headache-able" to keep it work with a domain name and SSL. So I tried to make it work with IPv6, the IPv6 of my server is public and I just have to complete the AAAA of the domain name.
The problem is : I searched and tried a lot of things, I learned a lot but the problem is still complete !
The situation :
Ubuntu server shows the good IPv6 adress when I do hostname -I
I can ping my machine using a external website (dnschecker for example) from and outside my local network DNSchecker capture
Apache is configured to use IPv6 adresses and serve pages when asked from the local network BUT it does NOT work when accessed from outside (my problem !)
ufw is configured to use IPv6 tables, allows Apache then Apache Full ufw status
no firewall on my internet box
I'm dry, I don't know what to look for in order to solve this problem. I need help, thanks for your ideas and advices.
Related
I've already opened the port 80. It worked perfectly, but after some changes it left working. Webmin runs on a Raspberry Pi with Raspbian.
1. I tried to solve an ip issue, because my router changed my ip so quick that I had to update my ip on my Webmin server every time it changed.
img1
2. So I decided to change the ip to 127.0.0.1 in all of my servers. Like this:
img2
3. Then, cause now I could't access to my server from outside of my LAN. I tried to reset my eth0 ip again as it was in all of my servers (as 192.168.1.89), but it didn't work. I still can't access my http from outside.
4. I waited my eth0 ip to change to update it again (to put it instead of 127.0.0.1), but didn't work. I tried to do it like this: img3
As I said, it worked perfectly before changing the ip to 127.0.0.1, because my normal ip changes too fast (every 7 or 10 mins). I can access to my http server but only from my LAN.
Well, finally I found the solution. The problem was nothing about my Apache or Webmin configuration. It was about a problem with my router. Apparently it had a bug: The DMZ seemed as activated, but it really didn't (my router is a HUAWEI HG659).
Also, if you get this kind of problem, you should first check what ports are being used by your computer, and check if you have any firewall or program blocking that port.
So, I'm pretty new to apache and I'm having some issues finding a solution to my answer.
I have a domain name abcdefg.com (for example) and I have a public facing Fedora apache webserver on my home network at 192.168.10.10. I then have another machine that is a proxmox VE server at 192.168.10.20.
I know I can forward ports and just type [https://abcdefg.com:8006] to get to my proxmox server, but I want to be able to go to abcdefg.com/proxmox and it then somehow make a call to [https://192.168.10.20:8006] internally (https is required).
Can anyone point me in the right direction? I don't need to be spoonfed, I'm just not sure where to start looking. I've already figured out how to use the "Location" tags but its not working for this, seems to be a bit more involved.
--Cheers
You need to run a reverse proxy server, which Apache can do with a few extra mods. This will listen on a specific port (Let's say port 444 in your case) and send requests to whatever IP and port you specify behind the scenes.
See the following link for how to reverse proxy a site: Simple Apache reverse proxy example
Simply change the mywebsite.jamescoyle.net references to point to your internal proxmox box on port 8006 - eg.
ProxyPass https://192.168.10.20:8006/
ProxyPassReverse https://192.168.10.20:8006/
I'm running VirtualBox on OSX host with Debian guest. I use Debian to run my development LAMP environment and I would like all traffic on my host port 80 to be automatically forwarded to the Debian guest.
Currently my debian server is set up with 2 network adapters, one Host-Only and one NAT (the latter simply to give it an internet connection, it's not meant for server duty).
On my OSX host I've configured mod_proxy like so:
ProxyPass / http://debian/
(debian being the hostname of the debian guest). This works for me as my host shares an internal network with "debian", however if I quickly want to show something to a collegue and send them my url (192.168, etc) then they won't be so lucky.
How can I set up my configuration in such a way that my OSX apache server basically acts as a full on proxy solution for my debian server?
Thanks
If I'm reading your question correctly, it sounds as though you understand ProxyPass to work similar to an HTTP 301/302 status, which is incorrect. A 302 HTTP status will say to the requesting client, "Hey, get this from some other address yourself." In this case, debian would have to be visible to your colleague.
However, ProxyPass (and reverse proxies in general) make the connection for you; the client doesn't need to (and very often doesn't) have direct access to the upstream server, in this case debian. Long story short, unless I'm reading this wrong, you should be good already, as long as Apache on your host machine (your physical box) is listening on an IP address they can see.
I just set up a server in my house using private IP.
I can access my server using my domain from outside network/ outside from my house.
But I cannot access it from local network using my domain or my private IP address.
What can be the problem for this? is it the Apache settings?
(I can access it if I edit the /etc/hosts file)
Did you use the internal or external IP in your hosts file to get it working? If it was external IP it's probably the DNS issue. If it was the internal IP, the issue could be in the routers NAT.
Some routers/setups will only apply their NAT rules on packets traversing the external internet facing interface.
____________
| |
Server ---IntIf-|IntIP--ExtIP|-ExtIf--- Internet
|____________|
This is a bit simplified but basically when you access the external IP from the internal network the packet, following the dotted line, reaches the routers external IP before a NAT rule can be applied on ExtIf and then the router can't find anything listening so rejects/drops the connection.
To confirm if it is the DNS problem. Run an nslookup $domain from both your local and external boxes and see if they return the same IP address. If the IP's are the same and it's still not working you will need to take a closer look at the router, hopefully that's possible. If not you may need an internal DNS server that can respond with the internal IP addresses for any domains it knows about then forward any other requests externally.
The NAT issue is called NAT Loopback, Hairpinning or Reflection. See here for a linux solution.
If you can access it when you put in an entry in /etc/hosts, then likely it is DNS related. I am assuming you are putting in the public (external IP) and not an internal IP for testing.
If you have recently updated your DNS, then likely your local router (or ISP's DNS server) will still have the old IP cached or the fact that there is no DNS record setup cached. You could reboot your router to try and clear the cached entry, but it could well be cached at the ISP and you can only wait until it updates there (usually somewhere under 24 hours, often just a few hours). However, you could configure your computer to use a different DNS server for a while - eg. 8.8.8.8 or 4.4.4.4 which are both run by Google.
I have apache installed listening to 8888, and port 8888 oppened, due the fact that 80 and 8080 are blocked by my ISP. I have no firewalls running.
The page hosted on my computer, works from some proxies like http://www.webproxyonline.info/ for example, but doesnt work from some others, like zend2.com.
I also tested to access the page from 2 dedicated servers that I own, but without success. I can ping my computer IP, but when I type wget myip:8888 i get nothing.
I also tried to run the code file_get_contents('http://myip:8888'); but no success too.
What can be causing this problem?
thanks.
UPDATED: PROBLEM SOLVED.
The problem is that the firewall CSF on my dedicated server was blocking outgoing traffic to my ip.... I just added my ip to the alloed list...
Um, if you're actually binding localhost (that is, 127.0.0.1), then it shouldn't be accessible from other machines. That's how localhost works. You need to bind a actual external IP address for your machine.