[SOLVED] PMG Webinterface behind NAT not accessible

studiur

New Member
Aug 5, 2019
2
0
1
27
Hello together!

I have a hard time setting up PMG at our company. We run a CloudStack infrastructure and I have created a vm and installed PMG on it. I static naetted a public IP-address to that vm and opened the ports 22, 25, 26 and 8006. Now I can access the vm via ssh but I can‘t get the gui to work.

The connections just keeps timing out. Even if I try to curl https://127.0.0.1:8006 it times out. The log of pmgproxy is completely empty. I am totally unsure where to search for the mistake…

Any ideas appreciated
 
Last edited:
Hello together!

I have a hard time setting up PMG at our company. We run a CloudStack infrastructure and I have created a vm and installed PMG on it. I static naetted a public IP-address to that vm and opened the ports 22, 25, 26 and 8006. Now I can access the vm via ssh but I can‘t get the gui to work.

The connections just keeps timing out. Even if I try to curl https://127.0.0.1:8006 it times out. The log of pmgproxy is completely empty. I am totally unsure where to search for the mistake…

Any ideas appreciated
------------------------------------------------------------------------------------------------------------------------------------------------------------

Hi studiur,
welcome to the forum!

if you have access to SSH daemon, you can check via ssh and the following command of the webproxy is listening on all interfaces of you box:
  • lsof -i -P | grep 8006
If it is up and listening to any (*:8006) incoming interface which is up, it seems to be an issue with your NAT on the firewall infront.

What tells you an "nc -v Your.Public.IP.Add 8006" from a "real" external system? "Connection refused"? "No route to host?"
Which firewall system are you running infront? Maybe already another NAT on TCP8006 in place?

Regards, TOJ
 
Hi Toj,

thanks for your reply! I just found the issue altrough I am usure where it came from. For some reason no selfsigned certificate was generated. Because of that pmgproxy couldn‘t start. But that Information wasn‘t written to the logfile but instead was only available trough the service status. I found one at this forum who hat a similar issue.

I started using letsencrypt-Certs for the PMG and now it runs just fine.

So it wasn‘t a NAT-Issue at all. I just thought it must be because from my point of view that the only „abnormal“ part of my setup.

Trank you anyway!

Kind Regards
Fabian
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!