Access public ip port from VM lan

Discussion in 'Proxmox VE: Networking and Firewall' started by itreers, Mar 14, 2019.

  1. itreers

    itreers New Member

    Joined:
    Mar 15, 2018
    Messages:
    3
    Likes Received:
    0
    Hi. I have a problem with my Jira VM.

    I need that jira with lan address 192.168.1.118 can resolve own dns name with proxmox public ip and access port 443 on it.
    How to achieve this?
     
  2. Richard

    Richard Proxmox Staff Member
    Staff Member

    Joined:
    Mar 6, 2015
    Messages:
    577
    Likes Received:
    19
    AFAIU you want to acces jira in local LAN via public IP - configure simply port forwarding
    Code:
    iptables -t nat A PREROUTING -p tcp --dport 443 -j DNAT --to-destination 192.168.1.118
    
    Possibly you have to adapt also server settings in the VM for proper access via FQDN too.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    itreers likes this.
  3. itreers

    itreers New Member

    Joined:
    Mar 15, 2018
    Messages:
    3
    Likes Received:
    0
    443 port already redirected to nginx reverse proxy. In my lan I have another vm's with sites (near 30). Jira listen 8080 on lan ip.
     
  4. Richard

    Richard Proxmox Staff Member
    Staff Member

    Joined:
    Mar 6, 2015
    Messages:
    577
    Likes Received:
    19
    In other words you want two different servers have to be able to be accessed via the same public IP and port only selected by the used FQDN. The solution is to use "virtual hosts" (as apache calls this method), see e.g. https://httpd.apache.org/docs/2.4/vhosts/examples.html
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. itreers

    itreers New Member

    Joined:
    Mar 15, 2018
    Messages:
    3
    Likes Received:
    0
    Sorry for my english but I will try to explain.
    I have VM with nginx proxy in LAN segment where Jira located. From WAN ip of proxmox - port 443 redirected to LAN ip of proxy where nginx proxy forward requests to jira LAN ip port 8080. For example WAN ip (proxmox) 22.22.22.22:443 -> (nginx proxy) 192.168.1.10:443 and routing by domain name to -> (jira server) 192.168.1.200:8080. For example. Jira have address jira.example.com (22.22.22.22) and another server confluence.example.com (22.22.22.22) both in same LAN segment on same Proxmox host. For application linking they must resolve each other domain and access ports 8080 (for jira) and 8090 (confluence). I solve this with internal DNS that redefine DNS records for jira and confluence with LAN ips. Application linking working. But for corrects work of gardets URL in Jira base url (https://jira.example.com) port 443 must be accessible from jira server itself but it can't because it has LAN sergment IP in DNS and jira server don't have 443 port configured on jira LAN ip. It configured on nginx proxy.
     
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice