Normally, this would not be a desired configuration, but I am setting up a Nextcloud server, and to validate the domain, it requires that it be able to access it through the public IP address. No matter what I do, I cannot get this to work. It specifically needs port 443, but I cannot reach ports 80, 8080, or 443 from inside the firewall (OPNsense) when using the FQDN. DNS queries are resolving properly with the WAN IP, I have opened the ports outgoing in order to let the server bypass the transparent proxy, and have even port forwarded port 443 outgoing for the server IP to push it past the proxy, but nothing works. If I try to access these ports from outside the firewall (from my cell phone), I have no trouble at all. I know this is unusual, but is there any way to make this work? Someone has to have been able to get Nextcloud working at some point, right?
1 Answer
4
In order to access other internal LAN resources within your network using your external IP address through OPNsense, you need to enable the NAT reflection feature. It will rewrite such requests so that they use the internal IP in order to avoid taking a detour and applying rules meant for actual outside traffic. More information on NAT reflection can be found here.
Net Runner
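A simplified model of the rewrite that NAT reflection performs, added here as an illustration; it is not part of the answer above and is not OPNsense code. All addresses are constructed, and the source-NAT step for a client and server on the same subnet is a generalization beyond what the answer states.

```python
from dataclasses import dataclass, replace

# Constructed addresses (documentation/private ranges), not taken from the post.
WAN_IP, FW_LAN_IP = "203.0.113.5", "192.168.1.1"
SERVER_IP, CLIENT_IP = "192.168.1.20", "192.168.1.10"
FORWARDS = {(WAN_IP, 443): (SERVER_IP, 443)}  # the existing port forward

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    dport: int

def firewall(pkt, in_iface, reflection, snat):
    """Return the packet the firewall forwards, or None if no rule applies."""
    target = FORWARDS.get((pkt.dst, pkt.dport))
    if target is None:
        return None
    # Model assumption: a plain port forward only matches traffic on the WAN side.
    if in_iface != "wan" and not reflection:
        return None
    out = replace(pkt, dst=target[0], dport=target[1])  # DNAT to the internal IP
    if in_iface == "lan" and snat:
        out = replace(out, src=FW_LAN_IP)  # force replies back via the firewall
    return out

def lan_request(reflection, snat):
    """Outcome of a LAN client connecting to the WAN IP on port 443."""
    fwd = firewall(Packet(CLIENT_IP, WAN_IP, 443), "lan", reflection, snat)
    if fwd is None:
        return "no forward: request never reaches the server"
    # The server answers whoever the packet appears to come from.
    if fwd.src == CLIENT_IP:
        # Same subnet: the reply goes straight to the client with src=SERVER_IP,
        # but the client opened its connection to WAN_IP, so it discards it.
        return "reply bypasses firewall: client drops mismatched source"
    # The reply returns to the firewall, which reverses both translations.
    return "connected"

def wan_request():
    """Outcome of an outside host (the phone in the question) connecting."""
    fwd = firewall(Packet("198.51.100.7", WAN_IP, 443), "wan", False, False)
    return "connected" if fwd and fwd.dst == SERVER_IP else "no forward"

if __name__ == "__main__":
    for refl, snat in [(False, False), (True, False), (True, True)]:
        print(f"reflection={refl} snat={snat}: {lan_request(refl, snat)}")
    print("from WAN:", wan_request())
```

The first case matches the symptom in the question: the forward works from outside but not from the LAN until reflection is enabled.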