Need help with port forwarding



Hello everyone!

 

I'm a new Unraid user and having some trouble making my setup accessible from outside my LAN.

I followed almost all videos from @SpaceInvaderOne to configure my server, and everything is working great, except for this problem...

 

So, my network setup is INTERNET => pfSense (VM on Unraid) => LAN (Desktop, Unraid Server, phones, etc).

The connection is pppoe (don't know if this information is relevant).

 

I have successfully configured Wireguard and can use it to access my LAN (Remote Access to LAN) or even browse the internet (Remote Tunneled Access).

 

I installed and configured Letsencrypt, using my own domain (domain.com), cloudflare and duckdns.

To test this setup, I'm using Sonarr (sonarr.domain.com).

In my LAN, it opens the Sonarr webui.

If I try to use my phone (4G), it doesn't open at all and after a while the browser gives the error "err_connection_timed_out".

 

Well, I believe the problem isn't the port forwarding on pfsense, since it is working without problems on my LAN (using ports 180 and 1443).

Maybe my ISP is blocking port 80.

About this subject, I have a question.

 

 

SpaceInvader says in this video that the method using DNS verification is useful if the ISP blocks port 80.

(This is a video that will show you how to create an SSL certificate using DNS verification. This is useful if your ISP blocks port 80 so you can't use HTTP verification. Also using DNS verification allows the creation of wildcard SSL certificates.)

So, if my ISP really blocks port 80, why isn't this method working?

 

I really appreciate all the help I can get, since I'm not able to solve this on my own....

I can provide screenshots, logs, whatever is needed.

 

Thanks in advance!

 

Ps. The same thing happened before I installed pfsense, when I was using a router from Asus (RT AC66U).

I already tried to do the process without my domain, using only duckdns, but the server never went to "ready" (it gave the "possible firewall problem").

 

Edit: My cloudflare is already configured to "only DNS" (disable the orange cloud).

 

Edited by luizmont
On 3/15/2020 at 8:30 AM, SpaceInvaderOne said:

@luizmont please check here if port 443 is open and report back

https://www.yougetsignal.com/tools/open-ports/

Thank you very much for trying to help me!

Love your videos, they are very informative!

 

On 3/15/2020 at 8:30 AM, SpaceInvaderOne said:

please check here if port 443 is open and report back

It says that it is not...

 

 

Here are my firewall rules, the rutorrent and wireguard ones work without any problems.

 

 

And my docker setup

 

 

And a diagram of my network

 

 

Edited by luizmont
1 hour ago, Dissones4U said:

@luizmont I may be overthinking this but I wouldn't post my external IP and various ports on any forum, it's unnecessary. Although it may be less of an issue than I think, I'm going to bring @johnnie.black in, just in case the image should be removed.

Appreciate your concern!

My IP is dynamic and already changed, but if it's needed I can remove or edit the images....


So, I have confirmed that my ISP blocks ports 80 and 443 and, as a home user, I can't open them.

What are my options to use reverse proxy with my unraid server?

I read something about "DNS challenge", but don't understand if this is the way to go (or how to implement it).

Thanks in advance!
