Comment on Need Support: DMZ at home with nginx proxy to LAN
teslasaur@lemmy.world 2 months agoIts possible, depending on how you’ve setup your NAT, that the traffic cant return due to coming from a public ip.
Comment on Need Support: DMZ at home with nginx proxy to LAN
teslasaur@lemmy.world 2 months agoIts possible, depending on how you’ve setup your NAT, that the traffic cant return due to coming from a public ip.
nap@sh.itjust.works 2 months ago
There is one DNAT rule at the public OPNsense routing the HTTP/s traffic to my proxy. Inside my DMZ an LAN is no NAT, only routing. Back out again there is a Masq/SNAT rule for my local IPs
teslasaur@lemmy.world 2 months ago
Then i assume there is something wrong in the routes from your lan when returning traffic that got initiated through the internet opnsense. If you can see traffic hit the LAN network, all should be well on the way in.
nap@sh.itjust.works 2 months ago
Hm, could be a little bit much but Public IP -> WG0 -> Proxy -> Router -> Server and back should not be ok?
teslasaur@lemmy.world 2 months ago
It looks incredibly convoluted. My best guess is that traffic hits 172.168.1.254 and gets routed out on the internet and doesn’t pass the dmz.