[SOLVED] WebGUI Can get to Node WEBGUI, VM, or CT using https://192.168.1.xxx(:8006), but not https://hostname(:8006)

thisisbenwoo

New Member
May 28, 2021
14
1
3
51
Hello all,

I'm new to PVE and first time using LXC/CT. I'm almost certain that others may have come across this problem, but I've been searching, and I can't seem to find a suitable answer.

I just installed the NextCloud CT (using the Turnkey Linux template). I can access Nextcloud if I use the IP address, but when I try to access it using (say) http(s)://ct.example.com, Chrome tells me that the site cannot be reached.

HOWEVER ... I can ping the IP address, I can ping ct.example.com, I can ping simply ct. I can ssh to IP addr, ct.example.com, and ct. From inside the LXC, I can ping and ssh back out to any of my other servers.

I do have the CT using DHCP, because I put static addresses into my router (that's obviously another debate), but obviously the gateway, the IP address, the hostname (at least from the router perspective) is all fine. I've tried using confconsole to change the name of the LXC host from ct to ct.example.com. But still when I go to https://ct.example.com, it doesn't work.

Can anyone point me in some direction? I'm pretty sure it's something very simple (and likely obvious), but I can't seem to see what it is.

As an aside, I tried to create the same CT as a privileged CT, and I can't even get to the CT using http://IP_address, yet, again, I can ping it and ssh to it. (This is not the main question, but if someone has an answer to why this happens, I'd appreciate it).

Thank you in advance..
b
 
I assume, this has to do with Nextcloud config or web server config. There might is a "virtual host" (Apache term?) or something similar and this option may be hard coded to the IP address.
 
Lorenz,

That's a good suggestion, but it isn't. I've checked all of those already. I had the same problem with MediaWiki, DokuWiki and all the other CT's I've tried.

I even tried pinging ct.example.com from INSIDE the CT, and it was fine. The only time it isn't working is when I go to a browser and typing http(s)://ct.example.com.

b
 
Last edited:
Already updated.
I tried it on one other browser, and it looks like it might just be the browser that set up the CT.
 
@hepo,

Thanks for your suggestion. Also tried that too! But since I can access it from another computer, I think I'm going to put it down to some glitch on the computer I'm using.
 
bump ...

I've found that this is the case not only for the NC LXC CT, but I can't get to the management interface at port 8006 using the hostname either. I've tried multiple browsers, same result.

So, when I go to https://hostname:8006, I get nothing. But when I go to https:192.168.1.x:8006, it works - same outcome for Proxmox node or Proxmox CT (haven't tried the same for VM)
 
bump again ... this problem is really perplexing me ...

In the manual, https://pve.proxmox.com/wiki/Instal...retch#Connect_to_the_Proxmox_VE_web_interface
It states:

Connect to the Proxmox VE web interface​

Connect to the admin web interface (https://youripaddress:8006). If you have a fresh install and didn't add any users yet, you should use the root account with your linux root password, and select "PAM Authentication" to log in.

But in other non-Proxmox how-tos (yes, I know it's unofficial documentation), it is suggested one can get to the WebGUI using https://nodename:8006. Does anyone know why I can't (and from what I've seen in this forum, others cannot either), get to the WebGUI using https://nodename:8006?

My DNS is correct
The IP is correct.
I can ping the nodename
I can ssh to the nodename
nslookup gives me the correct IP for the nodename.

This seems to also impact web interfaces for CT's and VM's. I'm sure it's something glaringly simple that I've overlooked, but not sure where to look.

Thanks!

UPDATED thread name to reflect that this is happening for Node WebGUI, VMs and CTs.
 
Last edited:
I can not reproduce your problem. In my case, I can reach my node GUI via the hostname.

The only thing that comes to my mind is, that there perhaps is some ssl/tls inspection going on (by the browser, or some firewall in between). And this inspecting entity forbids self-signed Certificates for non-IP-address hosts.

Another thing might be IPv6 – you may check if DNS resolves the name to some weird IPv6 address or something.

Perhaps the output of ss -tlnp and sysctl -a |grep bindv6 helps.

Edit:

Can you specify the error in the browser more exact?

Perhaps the content of /etc/hosts could help us - please post this too

And the output of curl https://ipaddress:8006/ and curl https://hostname:8006/ (try with -k to disable certificate checking)
 
Last edited:
I can not reproduce your problem. In my case, I can reach my node GUI via the hostname.

The only thing that comes to my mind is, that there perhaps is some ssl/tls inspection going on (by the browser, or some firewall in between). And this inspecting entity forbids self-signed Certificates for non-IP-address hosts.

Another thing might be IPv6 – you may check if DNS resolves the name to some weird IPv6 address or something.

Perhaps the output of ss -tlnp and sysctl -a |grep bindv6 helps.

Edit:

Can you specify the error in the browser more exact?

Perhaps the content of /etc/hosts could help us - please post this too

And the output of curl https://ipaddress:8006/ and curl https://hostname:8006/ (try with -k to disable certificate checking)

Thanks for your suggestions, here are the results:

1623426765324.png

The following shows ipaddress then hostname:

1623426933861.png

And the Windows C:/Windows/system32/etc/hosts:
```
PS C:\WINDOWS\system32\drivers\etc> type hosts
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost
PS C:\WINDOWS\system32\drivers\etc>```

I forgot to mention this is going through OpenVPN (although I tried this on the same network).

b
 
OK, after reinstalling my OpenVPN server, all of a sudden I can access using hostname. I can't explain why since (pre reinstallation) I could ping hostname, ping IP address, and access GUI using IP address. Marking SOLVED, but have no idea why/how things changed.