I have a remote machine with public IP address 121.x.y.z, with GitLab (the software does not really matter and GitLab knowledge is not required here) installed (which uses nginx for its web interface) and HTTPS set up. However, I am in a situation where I can only access it through HTTPS using localhost but no other IP address.
When I do netstat -an | grep 443 on the remote machine I get
[user@machine ~]$ netstat -an | grep 443
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN
When I do curl --insecure https://127.0.0.1 on the remote machine I get
[user@machine ~]$ curl --insecure https://127.0.0.1
<html><body>You are being <a href="https://127.0.0.1/users/sign_in">redirected</a>.</body></html>
The redirected message is the default correct message with GitLab.
However, when I do curl --insecure https://121.x.y.z on the remote machine I get nothing but infinite waiting time (it seems like it is not actually listening). But the netstat result seems to indicate it is listening on all IP addresses, not just localhost.
The GitLab web interface works correctly if I discard the HTTPS settings and go back to HTTP.
I don't know how to even proceed with debugging this issue and am pretty much stuck. Is there anything I can do to figure out why it only listens on localhost while netstat shows it listens on everything?
Edit:
The system is CentOS 7, and firewalld does not seem to be active either.
[user@machine ~]$ sudo systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
Active: inactive (dead)
Docs: man:firewalld(1)
Aug 14 10:55:45 xxxxxx systemd[1]: firewalld.service: Unit cannot be reloaded because it is inactive.