Apache Issues with Port Forwarding

I just finished following Samuel Dowling’s guide to installing NextCloud in a FreeNAS jail, located here:

It was incredibly helpful!

I’m running into just one small issue that I cannot figure out, despite a couple of hours of trial-and-error and experimenting.

Here’s a quick rundown of my setup:
NextCloud 15
Running on FreeBSD 11.2-RELEASE-p9
Duck DNS DynDNS Service with Port Forwarding Working

I have two Apache rules in a configuration file:
<VirtualHost *:80>
    ServerName DuckDNS_address
    Redirect permanent / https://DuckDNS_address
</VirtualHost>

and

<VirtualHost *:443>
    ServerAdmin me@here.com
    ServerName server_name
    <FilesMatch \.php$>
            SetHandler "proxy:fcgi://127.0.0.1:9000/"
    </FilesMatch>
    DirectoryIndex /index.php index.php
    DocumentRoot "/usr/local/www/nextcloud"
    SSLCertificateFile correct_path
    SSLCertificateKeyFile correct_path
    SSLEngine on
    <IfModule mod_headers.c>
        Header always set Strict-Transport-Security "max-age=15552000; >
    </IfModule>
</VirtualHost>

When I first start Apache, and I use either http://DuckDNS_address or https://DuckDNS_address, it works (always directing to https://DuckDNS_address) from either within my network or from outside of it. However, after about 20 seconds, the UI will no longer resolve from within my network, but it continues to work fine from outside my network.

If I add an additional directive in the CONF file, matching the local IP address of the NextCloud instance (and port 80), I can get it to work internally. However, this causes a problem with mobile devices: I either have to use the local address (and not have the instance work outside my network) or the DuckDNS address (and not have the instance work while I’m connected to my local network).

I can reliably reproduce this behavior, but cannot for the life of me figure out what might be failing. I’d be grateful for any help or guidance!

  1. I believe you have some LAN setup problems here. First of all, try to investigate whether you are connected to the same IP. E.g. run the network debugger (ctrl+shift+e in FF) and check if you are connected to the same IP, e.g. if you go to https://DuckDNS_address and in the window below see your external IP and a few seconds later the internal IP as “Remote address”.
    It could be that on the first connection you go over NAT, but then your router decides to go directly over the LAN, but the host name could not be resolved.
    As a workaround, check whether it always works if you add your https://DuckDNS_address to the local hosts file with the internal IP (e.g. 192.168.0.100). In this case you have to check your LAN config.

  2. It would be nice if you checked your Apache2 logs, e.g. /var/log/apache2/access.log and error.log, when the error appears, to see what happens there.
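
The check suggested in the reply above, written out as an added example (not part of the thread or of either poster's setup): it resolves the public host name from a LAN client, probes both the resolved address and the server's LAN address, and reports which path fails. The function names, the default port 443 and the command-line arguments are assumptions made for this sketch.

```python
import socket

def resolve(host, port=443):
    """Addresses the local resolver (hosts file included) returns for host."""
    infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def tcp_reachable(addr, port=443, timeout=3.0):
    """True if a TCP handshake to addr:port completes within timeout."""
    try:
        with socket.create_connection((addr, port), timeout=timeout):
            return True
    except OSError:
        return False

def diagnose(resolved, lan_ip, port=443, probe=tcp_reachable):
    """Classify what a LAN client sees when it uses the public host name."""
    if not resolved:
        return "name does not resolve: check the client's DNS"
    if not probe(lan_ip, port):
        return "server unreachable on LAN address: check Apache and the jail"
    if lan_ip in resolved:
        return "name resolves to LAN address: hosts/split-DNS override active"
    if all(probe(addr, port) for addr in resolved):
        return "name resolves to WAN address and the router loops it back"
    return "name resolves to WAN address but loopback fails: suspect NAT"

if __name__ == "__main__":
    import sys
    # Usage (hypothetical file name): python3 lan_check.py <host> <server LAN IP>
    host, lan_ip = sys.argv[1], sys.argv[2]
    addrs = resolve(host)
    print(host, "->", addrs)
    print(diagnose(addrs, lan_ip))
```

Running it from a LAN client right after Apache starts, and again once the page stops loading, shows whether the resolved address or its reachability changed between the two states.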

gas85,

Thanks for your thoughts!

I should have added that I have attempted a traceroute from the local network (seems to hang before returning to my router), though I have not used the browser’s tools to check the network calls. I’ll try that.

As for the logs, I should have also mentioned that I have checked the logs - both the access and error logs. I get traffic in the access log when it works, and no errors. When it does not work locally, I get nothing in either log - no traffic, and no error.

Between the traceroute hanging and the lack of access traffic, I wonder if the traffic is getting lost. Your suspicion about NAT comes to the fore here.

I’ll do a little more investigating and report back on what I find.

Thanks again!
