Apache ProxyPass: Connection timed out

I have my Apache configured to proxy some traffic to an internal IP (127.0.0.1:8048). When accessing the internal IP, everything works fine. But when accessing the proxy, I receive:

Failed to connect to matrix.DOMAIN port 8448: Connection timed out

I have port 8448 open in ufw, so I am at a bit of a loss as to what is going wrong here. I would appreciate suggestions on how to investigate this. My apache config is as follows:

# Server-Server (federation) API
# Use this apache reverse proxy template to enable matrix server-to-server federation traffic
# Be sure that network traffic on port 8448 is possible
#
# You can check your federation config at https://federationtester.matrix.org/
# Enter there your base DOMAIN address, NOT your matrix.DOMAIN address, ex. https://DOMAIN
#
# In this example we use all services on the same machine (127.0.0.1) but you can do this with different machines.
# If you do so, be sure you can reach the destination IP address and the corresponding port. Check this with netstat, nmap or your favourite tool.
Listen 8448
<VirtualHost *:8448>
        ServerName matrix.bielefeldt.berlin

        SSLEngine On

        # If you manage SSL certificates by yourself, these paths will differ.
        SSLCertificateFile /etc/letsencrypt/live/bielefeldt.berlin-0001/fullchain.pem
        SSLCertificateKeyFile /etc/letsencrypt/live/bielefeldt.berlin-0001/privkey.pem

        SSLProxyEngine on
        SSLProxyProtocol +TLSv1.2 +TLSv1.3
        SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH

        ProxyPreserveHost On
        ProxyRequests Off
        ProxyVia On
        RequestHeader set "X-Forwarded-Proto" expr=%{REQUEST_SCHEME}

        # Proxy all remaining traffic to the Synapse port
        # Beware: In this example the local traffic goes to the local synapse server at 127.0.0.1
        # Of course you can use another IP address when using other synapse servers in your network
        AllowEncodedSlashes NoDecode
        ProxyPass /_matrix http://127.0.0.1:8048/_matrix retry=0 nocanon
        ProxyPassReverse /_matrix http://127.0.0.1:8048/_matrix

        ErrorLog ${APACHE_LOG_DIR}/matrix.bielefeldt.berlin-error.log
        CustomLog ${APACHE_LOG_DIR}/matrix.bielefeldt.berlin-access.log combined
</VirtualHost>
Gerard H. Pille
Where do you see the error "Failed to connect to matrix.DOMAIN port 8448: Connection timed out"?
Gerard H. Pille
Perhaps your ISP is blocking 8448? When I run "nmap -p 8448 matrix.bielefeldt.berlin" I get "8448/tcp filtered unknown".
Adrian-Bielefeldt
That error appears when I try to curl https://matrix.bielefeldt.berlin:8448/_matrix/federation/v1/version.
Adrian-Bielefeldt
I'll check with my ISP, maybe they are. Wouldn't really know why though.
Gerard H. Pille
If not your ISP, could be your modem or router?
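
An added example, not part of the original thread: a small probe that separates "timed out" (packets dropped, what nmap reports as filtered) from "refused" (host reached, no listener), and walks the three hops in the question outward from Synapse. The function names `probe` and `diagnose` are hypothetical; the ports come from the posted config, and the public hostname is passed as an argument.

```python
import socket
import sys

def probe(host, port, timeout=3.0):
    """Classify one TCP connect attempt using nmap's open/closed/filtered terms."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed: a listener answered
    except ConnectionRefusedError:
        return "closed"          # RST came back: host reached, nothing listening
    except (socket.timeout, TimeoutError):
        return "filtered"        # silence: a firewall or NAT dropped the SYN
    except OSError as exc:       # DNS failure, no route, etc.
        return "error: %s" % exc

def diagnose(backend, local_proxy, public_proxy):
    """Name the first hop that fails, walking outward from Synapse."""
    if backend != "open":
        return "backend: Synapse is not accepting connections on its port"
    if local_proxy != "open":
        return "apache: no listener on the proxy port (Listen directive, vhost enabled?)"
    if public_proxy == "filtered":
        return "network: dropped before Apache (host firewall, router/modem forward, ISP)"
    if public_proxy == "closed":
        return "network: reset before Apache (reject rule, or forward to wrong host/port)"
    if public_proxy != "open":
        return "lookup: " + public_proxy
    return "tcp-ok: path is open, look at TLS and the ProxyPass rules next"

if __name__ == "__main__":
    # Hostname is an argument; "matrix.DOMAIN" is the placeholder used in the post.
    public = sys.argv[1] if len(sys.argv) > 1 else "matrix.DOMAIN"
    results = (
        probe("127.0.0.1", 8048),   # Synapse backend from the ProxyPass line
        probe("127.0.0.1", 8448),   # Apache's Listen 8448, checked on the host itself
        probe(public, 8448),        # run this one from OUTSIDE the LAN as well
    )
    print(results, "->", diagnose(*results))
```

Probing the public name from the server itself can loop back inside the router and look open even when outside traffic is dropped, so the third probe is only conclusive when repeated from a machine on another network.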