I'm trying to set up a Mastodon instance on my Raspberry Pi 4 at home, running Raspbian/Debian Linux. I have no idea what I'm doing.
The nginx server is running, working. When I access it from localhost or from inside the LAN, it gives a result like this, as expected:
When I try to access it from outside the LAN, it eventually times out or gives a "connection was reset" error.
Or in firefox:
At first I suspected that it was a problem with my firewall, like maybe it was blocking HTTP traffic into it. But it's allowing HTTP traffic through. I even stopped the firewall entirely, but it's still doing the same thing. (I'm using IPTables)
All of the necessary ports should be forwarded to the pi on my optimum router:
Here's the site's nginx config, just an edited copy of mastodon's given nginx configuration template. I have the HTTPS server commented out, as I'm only working with HTTP right now. I'm trying to get the http server working so I can use certbot to get an SSL certificate, but certbot's unable to connect to the nginx server, runs into the same "connection reset" error. The server_name is irrelevant (or is it?) as i'm just trying to connect to it through IP right now, and commented out the other "location" properties that the template came with, as I'm just trying to get the server to work in the first place, running mastodon on it and getting the SSL certificate and getting the domain to work will come after.
What causes it to work inside LAN but not outside it? Even with the necessary ports forwarded to the pi?
Edit:
Here's what it looks like inside the LAN, working correctly:
and here's when I try to access it outside the LAN (through ProtonVPN in this case)
https://www.reddit.com/r/OPTIMUM/comments/rxjw1v/optimum_internet_not_forwarding_traffic_on_port_80/
By default, Optimum blocks ports 80 and 25, even if they are port-forwarded.
Optimum support referred me to this obscure page that I couldn't find linked anywhere on the site, did exactly what i needed: https://www.optimum.net/internet/boost/
Related
I followed all kinds of instructions all day to get my first server up and running. I tested it on 3 devices and thought I had it... until my friend tried it and discovered "site can't be reached."
In double-checking on my end, I found that if I disconnected my phone from wi-fi, sure enough, I couldn't reach my server.
I realize there could be a million things wrong, but I don't know where to start. I am not even sure what additional information I should include to help find the issue. If I had to guess, I'd say I failed to open the firewall on my server port 80. But I really have no clue. Ubuntu is new to me.
Can you include details about your setup? How is the Ubuntu server configured? If it's your own hardware, have you forwarded the ports on your router? Do you have a Dynamic DNS server in place? Is there an internal firewall (ufw?). Is the Node.js server bound to the loopback? Is Nginx in proxy_pass mode?
As mentioned by the OP, the ports weren't forwarded.
I have one windows server already running sharepoint on 80/443 and the site works correctly.
We're trying to add more functionality by installing NodeJS and Apache
I've set apache to listen on 8080 and the default website comes up.
Node is running on 3000 and I can access the explorer that way as well.
My questions come from this. The server has a complete certificate chain installed on it and https://:8080 comes up correctly, but I can't get the node stuff to work on https: Secondly it appears while I have proxy pass set up correctly within my httpd.conf, either something is wrong within that as if I goto the https://:8080 /api/and anything beyond that, I get 503 errors and the page can't be displayed.
I'm unsure what I'm doing incorrectly here as from reading the documentation on proxy module, it seems that everything is setup and configured correctly.
Netstat shows listening on 3000 and 8080 and 80/443 for my SharePoint farm.
I had to configure the ssl settings for the proxypass to use the IP address of the local machine. After doing that I was able to connect correctly.
This allowed for connecting on :3000 via telnet to the localmachine and allowed for explorer to be viewed with https://:8080 the correct way enforcing our certificates.
I'm using node js trying to send my web-page to my network, I successfully call localhost:port in my computer using express as server, the webpage loads fine trigger my webcam which I used to streaming in the webpage, and then im working to make a simple app in my phone to directly access my server, so my questions:
1.How do I able to access my server from different devices in the same wireless-network? by calling ip + port ?192.168.1.104:9001 ? cause i've tried and it didnt work.
2.I've found https with .pem something like that, is that the answer ? is there also any other way ?
3.maybe any advice before i work to make my web-app to devices? using koa? i don't even really know what is that, but i'm happily take any advices.
EDIT: i've read How could others, on a local network, access my NodeJS app while it's running on my machine?
let's say I simply using random router, so i can't configure my router-port, my server in my pc and my phone join in the same network, trying to access the server in my phone
1.How do I able to access my server from different devices in the same wireless-network?
All you need to do is find your server's IP address in this same wireless-network, and find the Node.js application's port. Then access the following URL in other devices:
http://{server_IP}:{port}
However, there are some points need to check:
Need to check firewall and confirm the port is not blocked, server IP is not blocked by test device, and test device IP is not blocked by server.
Need to check whether there is any Proxy setting in server and test device. If there is any, disable the proxy.
A computer may have many IP addresses at the same time, you need to find the correct one in the same wireless-network. For example, If you install a virtual machine software such as VMware and run a virtual system inside, your real computer will get IP address as 192.168.*.* -- this IP address looks like an intranet IP in wireless-network, but it is not, and can never be accessed by test device.
2.I've found https with .pem something like that, is that the answer?
No, HTTPS has nothing to do with this problem. HTTPS just add security (based on HTTP layer), it does not impact any HTTP connectivity. Actually, to minify the problem, it is better to only use HTTP in your scenario.
There is only one very special case that may bring your problem by HTTPS -- the test machine is configured and will block any non-HTTPS connection for security.
3.maybe any advice before i work to make my web-app to devices? using koa?
My suggestion is: As there is an HTTP connectivity issue, the first step is trying to find the root cause of that issue. Thus, it is better to make a simplest HTTP server using native Node.js, no Koa, no Express. In this way, the complexity of server will be reduced, which makes root cause investigation easier.
After the HTTP connectivity issue is fixed, you can pick up Koa or Express or any other mature Node.js web framework to help the web-app work.
4.let's say I simply using random router, so i can't...
Do you mean your server get dynamic IP address by DHCP? As long as the IP is not blocked by test device, it does not matter.
I'm getting stuck here, so i have an amazon ec2 (standard redhat server) host up and working. i can connect to it personally no problem, however it cannot be connected to outside of my ip.
I've checked the rules and i have port 80 and 3000 open to 0.0.0.0/0 to be able to communicate, however outside of my computer (and computers in this network) i can not connect.
Everything I've found is about connecting to ssh which works fine, i have no rules in iptables, i haven't dealt much with them before, but since i can connect to the service i don't think its the issue.
summary:
Web server is running, i can connect from my computer to it, and any others in my local network, but nothing outside of it works.
i do have httpd installed as well as a simple forward from the browser to port 3000, however i cant connect to it either from outside my network.
so this is a new one for me, the dns forwarding works in houst, but not outside. so inside and outside here, i can use IP address to connect, but inside only i can connect with my dns lookup. not sure what caused this, but its not an amazon problem at least. going to look at that side.
I've been developing locally on a little ubuntu netbook with xampp for about 7 months. Two weeks ago I got a computer I'd like to use as a server. I've installed the latest Ubuntu distribution and xampp, moved all my files over, and forwarded port 80. I've also got a domain name from dyndns.com which is being updated by a client which runs in my router (a Netgear WGR6154 v8).
Now, when I try to access my server by typing in the address I got from dyndns.com the browser loads until it timesout. I can access everything locally using localhost as the address so I believe xampp is running, just unable to connect with the internet.
In order to be able to view my files over the internet what should I do next?
Thanks to all in advance...
[I'm starting a bounty for the first person to help me get my files successfully online]
You have a combination of issues here, and that is something of a problem. Each issue is complex in an of itself. Here is what I would recommend to get you going for certain.
First verify that you can surf the web from your server. This will confirm that you have a working ethernet interface.
Step 1 make sure that XAMPP, and your files are viewable from your home network. I assume you are using something like 192.168.1.X for your network and perhaps your server is 192.168.1.10
Go to another computer in your house and type http://192.168.1.10/ and see if you can see your files. If you can then you know that the server is properly configured and XAMPP is working.
Then add an entry to your hosts file to resolve yourdnsrecord.com (or whatever your dyndns record is) to your private ip address. Then when you type yourdnsrecord.com into a browser from that computer you should still get your files. This will rule out your server being improperly configured to listen for that domain name.
Next you need to test to see if there is a firewall problem. To simplify this, first remove your home router from the equation. Instead, place your new server directly onto your internet connection. (assuming you can). This way, you do not need to have NAT or firewalls properly configured. Your dyndns name should map to a public IP and your server should then have that IP and be connected directly to the Internet. If you have your server directly connected, and the command ifconfig from the root prompt returns the same public IP address that your dynamic dns record is point to, then it should work.
It will make your life easier if you have an iphone or some other way to test how your network is seen from the Internet.
If your public IP as shown by ifconfig is different than the IP record in your dyndns account, then your dynamic dns update script is broken. manually set the IP, and see if things work.
It is very possible that this will not work. Some ISPs firewall port 80 preventing their subscribers from hosting servers. Once you have your server directly connected to the internet you can test this (even if your dns is not working) by using the public IP address. As root, type ifconfig from the command prompt to get your public ip address. Then type the command tcpdump -i eth? port 80 from the root prompt. eth? needs to be the same interface that you saw had a public IP address from the ifconfig command. usually this is eth0 but it might be wire0 or something like that.
This command will show you all traffic coming on port 80 to your server.
From an iphone (or whatever second Internet connection you have) browse to the IP address that you got from your ifconfig command. If you see something on your server (and it is directly connected to your ISP) then your ISP is not firewalling you.
If you can get to your server, when it is directly connected to the Internet, either by IP address or by DynDNS address, then your ISP is OK and it is time to debug your firewall.
Two things need to work for your firewall to be configured NAT, where the public address that your router gets from your ISP is converted into your private network and a firewall rule which permits that traffic. If you get this far, then you know your firewall is the problem and then it is just a matter of getting its configuration correct. There are far to many home routers to document here, but you usually can find how-to instructions for your router for this task from the manufacturers website (usually it is part of the manual)
If you follow these instructions exactly you will get your system working. Make comments on the process and I will be happy to modify this to make it clearer.
HTH,
-FT
You should make sure your xampp is not listening to only the localhost.
to do so edit your apache configuration file and check and search for Listen directive
you should be able to know also by analysing the output of netstat -a.
After that make sure your router is forwarding properly, using tcpdump would help.
drop me a comment if you need more help.
Cheers