Join Log in
Score:0
unix_ike avatar Server

Access self-hosted web server from WAN and LAN with FQDN

ua flag
unix_ike

I have self-hosted web-server in internal network which i can access from external network with FQDN. I would like to access same server from internal network with same FQDN also.

I have configured my router to use my own DNS-server which is located in my internal network. I can access that and other machines with FQDN via SSH in my internal network, which has A-records in my DNS-server. But i cannot access that web-server (and actually one other "not internet facing" web-server) with FQDN via browser. I can access those with internal IP via browser.

I guess this is DNS related problem. I know something about basic networking and servers, but when it comes to DNS, i'm out of luck.

Related equipment:

  • Ubiquiti Edgerouter acting router+firewall. Configured to use internal DNS-server. FW port forward ports 80 and 443 to my Reverse Proxy.

  • Nginx reverse-proxy server handling LetsEncrypt certs and forwarding traffic to my web-server. <-- seems to work fine(can access that web-server from external network with FQDN. SSL work also).

  • Web-server using Apache2. Browser can access with local IP, not FQDN.

EDIT:

  • Nameserver - Records created with Webmin GUI

Any ideas?

62
0 + 0
jp flag
AlexD
Describe what happens when you try to access the server with FQDN.
0
Reply
unix_ike avatar
ua flag
unix_ike
From external network: Everything looks fine. Site works as it should, SSL and SSL-redirect works. From internal: browser says basic: "Unable to connect"
0
Reply
unix_ike avatar
ua flag
unix_ike
"Problem loading page"
0
Reply
Score:0
Mrwut avatar Server
ng flag
Mrwut

I don't know much about ubiquiti gear, but could be a hairpin nat missing.

The docs says it's enabled by default when you forward a port, but worth checking it.

0 + 0
unix_ike avatar
ua flag
unix_ike
Looks like it was that Hairpin NAT. Thanks for advice! However Certificates does not work. That's because my Reverse-Proxy handles those, not server itself. Maybe i'm gonna just change Certification handling to server itself. If you don't have advice for that?
0
Reply
unix_ike avatar
ua flag
unix_ike
Actually i got certificates working by pointing my internal A-records to my reverse-proxy. I lose ability to ssh in exposed server with DNS record but that's not a big problem
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.