michaelb

Thanks so much! Yes, some hosts can be publicly available, some of them should only be available internally (and when I am outside my LAN through VPN). In my access list, I have my LAN IP range (192.168.1.0/24) and the one that my VPN assigns to its clients (192.168.2.1/24). My understanding was, that I should also add my external IP, which is a static IP I get from my ISP. When I am outside my LAN and connecting to my VPN, this is external IP I have. With this setup, I can still not access the hosts through VPN via the domain, just by using their IP address and port. Any ideas?

Hi everyone, I have successfully set up Nginx Proxy Manager. When making the Proxy Hosts publicly available, I can access them both from my LAN as well as from the web via my domain. Now, I would like to make access more restrictive: the Proxy Hosts should only available locally or, when I am outside of my LAN, I would like to connect to my VPN (on my Unifi USG) and then access the Proxy Hosts. So I have specified an access list with the static IP I get from my ISP, also my LAN IP and VPN IP. Still, when I am outside my LAN and connecting via VPN, I get the "403 forbidden" message. I can still access the services via their IP and port but not using the domains I created. Is there anything else I need to think of (e.g. firewall rules, changes to the access list)? Do you have any advice how I can check (e.g. in logs) to see what's going wrong? Thanks!