How to open port 80?

dataprolet

Aug 8, 2023
I'm running a WireGuard tunnel on my Proxmox host which connects to a VPS. On the VPS I'm running an Nginx Proxy Manager. I can't reach the NPM from my local network to use it for resolving local domain names, because port 80 is closed on my Proxmox. How do I open port 80 on my Proxmox host so that the NPM is reachable from my local network?
 
Hey,

Can you ping the server running NPM? Could you check with ss -tulpn if NPM is actually running on your server and is using port 80? Generally it shouldn't be necessary to open any ports on your PVE host; opening ports is usually only necessary if you want to accept incoming connections.
 
Thank you for your answer. I can ping the server running NPM from my Proxmox host using the IP address of the WireGuard tunnel's interface and I can also open the public IPv4 of the server in my browser and get the Nginx congratulation page.

And here's the output of ss -tulpn from the VPS.

Code:
Netid  State   Recv-Q  Send-Q   Local Address:Port    Peer Address:Port  Process                                   
udp    UNCONN  0       0              0.0.0.0:51820        0.0.0.0:*                                               
udp    UNCONN  0       0              0.0.0.0:68           0.0.0.0:*      users:(("dhclient",pid=548,fd=7))         
udp    UNCONN  0       0                 [::]:51820           [::]:*                                               
tcp    LISTEN  0       4096           0.0.0.0:81           0.0.0.0:*      users:(("docker-proxy",pid=80365,fd=4))   
tcp    LISTEN  0       4096           0.0.0.0:80           0.0.0.0:*      users:(("docker-proxy",pid=80385,fd=4))   
tcp    LISTEN  0       4096           0.0.0.0:443          0.0.0.0:*      users:(("docker-proxy",pid=80345,fd=4))   
tcp    LISTEN  0       4096         127.0.0.1:39681        0.0.0.0:*      users:(("containerd",pid=3787,fd=10))     
tcp    LISTEN  0       128            0.0.0.0:1312         0.0.0.0:*      users:(("sshd",pid=82043,fd=3))           
tcp    LISTEN  0       4096           0.0.0.0:9001         0.0.0.0:*      users:(("docker-proxy",pid=280698,fd=4)) 
tcp    LISTEN  0       4096              [::]:81              [::]:*      users:(("docker-proxy",pid=80370,fd=4))   
tcp    LISTEN  0       4096              [::]:80              [::]:*      users:(("docker-proxy",pid=80390,fd=4))   
tcp    LISTEN  0       4096              [::]:443             [::]:*      users:(("docker-proxy",pid=80350,fd=4))   
tcp    LISTEN  0       128               [::]:1312            [::]:*      users:(("sshd",pid=82043,fd=4))           
tcp    LISTEN  0       4096              [::]:9001            [::]:*      users:(("docker-proxy",pid=280703,fd=4))
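
A way to script the check asked for earlier in the thread (is anything listening on port 80, and on which address), added here as an example and not part of any post. The function names and the shortened sample rows are constructed; it assumes the column layout of the ss -tulpn output shown above and goes one step further by classifying every listener's bind scope.

```python
import ipaddress

# Constructed sample: a few rows in the column layout of the ss -tulpn output above.
SAMPLE = """\
Netid  State   Recv-Q  Send-Q   Local Address:Port    Peer Address:Port  Process
udp    UNCONN  0       0              0.0.0.0:51820        0.0.0.0:*
tcp    LISTEN  0       4096           0.0.0.0:80           0.0.0.0:*      users:(("docker-proxy",pid=80385,fd=4))
tcp    LISTEN  0       4096         127.0.0.1:39681        0.0.0.0:*      users:(("containerd",pid=3787,fd=10))
tcp    LISTEN  0       4096              [::]:80              [::]:*      users:(("docker-proxy",pid=80390,fd=4))
"""

def bind_scope(addr):
    """Classify a local bind address by who can reach it."""
    if addr == "*":
        return "all-interfaces"
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return "unknown"
    if ip.is_unspecified:          # 0.0.0.0 or ::
        return "all-interfaces"
    return "loopback-only" if ip.is_loopback else "single-address"

def parse_listeners(text):
    """Turn ss -tulpn rows into dicts; header and malformed rows are skipped."""
    rows = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 6 or fields[0] not in ("tcp", "udp"):
            continue
        # Split on the last colon so IPv6 forms such as [::]:80 parse correctly.
        addr, _, port = fields[4].rpartition(":")
        addr = addr.strip("[]").split("%", 1)[0]   # drop brackets and %iface suffix
        proc = " ".join(fields[6:])
        name = proc.split('"')[1] if '"' in proc else ""   # empty when ss shows no process
        rows.append({"proto": fields[0], "addr": addr, "port": port,
                     "scope": bind_scope(addr), "proc": name})
    return rows

def who_listens(rows, proto, port):
    """Answer 'is anything listening on this port, and bound where?'"""
    return sorted((r["addr"], r["scope"], r["proc"]) for r in rows
                  if r["proto"] == proto and r["port"] == str(port))

def reachable_off_host(rows):
    """Listeners not restricted to loopback, i.e. candidates for firewall review."""
    return [r for r in rows if r["scope"] != "loopback-only"]

if __name__ == "__main__":
    for addr, scope, proc in who_listens(parse_listeners(SAMPLE), "tcp", 80):
        print(f"tcp/80 on {addr}: {scope} ({proc})")
```

To run it against a live host, pass the text of `ss -tulpn` to `parse_listeners` instead of `SAMPLE`.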
 
What exactly is it you want to do? If you want things you have running as VMs on PVE to be reachable through your NPM, you have to set up a route for the subnet that the VMs are on. If your VMs are on, let's say, 192.168.1.0/24, the WireGuard peer config on your VPS has to look something like this:
Code:
[Peer]
PublicKey = ...
PresharedKey = ...
AllowedIPs = ...,192.168.1.0/24
WireGuard sets up routes to IPs defined in AllowedIPs by default.
 
I'm running NPM on the VPS to serve two purposes.
1. It makes my home network reachable from the internet through a public IPv4, because I only have DS-Lite.
2. NPM should resolve local domain names for different services running in my home network using a DuckDNS domain and DNS-challenge.
The latter is not working.
 
If you have a DNS server running on your PVE host, you should be able to just forward DNS queries to the PVE IP on the VPN tunnel. One thing you should check is that the DNS server on your PVE host is bound/listening on the correct interface. Why do you need DuckDNS? Your VPN has a static IP, right? I assume with "NPM should resolve local domain names" you mean that instead of an IP you want to enter domain names into NPM. For that you have to set up a DNS server, something like dnsmasq would make sense, on your VPS. This then just forwards DNS requests for your local domain to the DNS server running on your PVE host.

IIRC the config for forwarding DNS looks something like this: server=/localdomain/10.66.66.2, with 10.66.66.2 being your PVE host's IP on the wg tunnel.
 
