1

I have self-hosted web-server in internal network which i can access from external network with FQDN. I would like to access same server from internal network with same FQDN also.

I have configured my router to use my own DNS-server which is located in my internal network. I can access that and other machines with FQDN via SSH in my internal network, which has A-records in my DNS-server. But i cannot access that web-server (and actually one other "not internet facing" web-server) with FQDN via browser. I can access those with internal IP via browser.

I guess this is DNS related problem. I know something about basic networking and servers, but when it comes to DNS, i'm out of luck.

Related equipment:

  • Ubiquiti Edgerouter acting router+firewall. Configured to use internal DNS-server. FW port forward ports 80 and 443 to my Reverse Proxy.

  • Nginx reverse-proxy server handling LetsEncrypt certs and forwarding traffic to my web-server. <-- seems to work fine(can access that web-server from external network with FQDN. SSL work also).

  • Web-server using Apache2. Browser can access with local IP, not FQDN.

EDIT:

  • Nameserver - Records created with Webmin GUI

Any ideas?

Improve this question
3
  • Describe what happens when you try to access the server with FQDN. Commented Jan 5, 2022 at 11:38
  • From external network: Everything looks fine. Site works as it should, SSL and SSL-redirect works. From internal: browser says basic: "Unable to connect" Commented Jan 5, 2022 at 11:40
  • "Problem loading page" Commented Jan 5, 2022 at 11:42

1 Answer 1

Reset to default
0

I don't know much about ubiquiti gear, but could be a hairpin nat missing.

The docs says it's enabled by default when you forward a port, but worth checking it.

Improve this answer
2
  • Looks like it was that Hairpin NAT. Thanks for advice! However Certificates does not work. That's because my Reverse-Proxy handles those, not server itself. Maybe i'm gonna just change Certification handling to server itself. If you don't have advice for that? Commented Jan 6, 2022 at 10:45
  • Actually i got certificates working by pointing my internal A-records to my reverse-proxy. I lose ability to ssh in exposed server with DNS record but that's not a big problem Commented Jan 7, 2022 at 8:16

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.