Hi everyone,

I’m at my wits end here getting port forwarding working on my setup with Nginx Proxy Manager (NPM) and OPNsense.

I recently upgraded my networking gear, and everything is working great, I’m loving OPNsense and 10G networking. I’ve had the same setup for port forwarding for years and never had issues, the main change was the addition of OPNsense and a switch.

Previous setup (I realize this wasn’t the best):

ISP modem -> DHCPv4 with ports 80/443 forwarded to ASUS wireless router WAN -> DHCPv4 with ports 80/443 forwarded to VM on proxmox running NPM -> NPM set up with hosts to proxy services on other VMs/server.

This (or a variation thereof) has all been working great for years, along with ddns set up as I have a dynamic IP.

New setup:

ISP modem -> DHCP off with ports 80/443 forwarded to OPNsense WAN via MAC address -> OPNsense NAT-Port Forwarding set up to the NPM host/port, rest is the same as before.

The settings for the port forward are the standard I’ve found in guides. WAN address, any source/port, redirect to NPM host and ports. Tried the domain I usually use, no luck. Port checker shows the ports are closed.

Tried the following:

  1. DMZ on the ISP modem keeping WAN IP default/automatic and adding OPNsense to the DMZ, no change.
  2. Advanced DMZ on ISP, WAN is the external IP, no change
  3. Same as 2, but changed OPNsense WAN settings from DHCPv4 to PPPoE, and added the ISP login info. Received new IP, updated ddns, still no change.
  4. Checked over port forwarding settings, enabled NAT reflection, still nothing.

I’m between all these steps, I rebooted OPNsense, proxmox, switches, etc.

Any ideas on what I could try for next steps? All of the local networking and external connections work awesome, it’s just the port forwarding as the last piece. Thanks!

Edit 2023-01-03:

I finally solved this, turned out the OPNSense and NPM configuration was all correct.

The problem was a glitch in the docker compose/portainer. I had my ports in docker compose set to 80:80/443:443, but when the container was deployed, it assigned 1880:80/18443:443 because of…reasons, and I didn’t notice until going through it all line by line 🤦.

Redeploying the stack/container didn’t solve it, so I changed the time zone to another city, redeployed and viola, everything works perfect as it should!

  • phanto@lemmy.ca
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    I’m dealing with a similar issue, but only on some services. I’d like to know too.