rg305
November 17, 2021, 6:41am
22
The picture seems to indicate that :84 will be used for HTTPS by test server at IP 192.168.200.121
Is there another redirect entry for port 80?
If so, to which IP:port
does that go to?
I'm assuming that if there is only one server, then all the redirects go to the same IP.
I can work with whatever there is, I just need to know what is there.
1 Like
rg305
November 17, 2021, 6:46am
24
Ooooohhhhh!
One server but it is using virtual machines!
OK which IP gets the redirection for port 80?
[Excellent picture BTW]
2 Likes
ZAK
November 17, 2021, 6:47am
25
port 80 didn't assign sir.
[LE dev need to add react button]
1 Like
rg305
November 17, 2021, 6:48am
26
The router/firewall doesn't redirect 80 to an internal IP?
[the same device you showed the port 84]
Yeah! all we get is a single button
1 Like
rg305
November 17, 2021, 6:51am
27
It's like this site is only for the socially dysfunctional - ROFLMAO
Blame discourse
not LE
3 Likes
ZAK
November 17, 2021, 6:52am
28
Mybe it direct to router. idk sir they just gave me this picture and they want :84 to run with certificate so that I can apply it to in :82
rg305
November 17, 2021, 6:54am
29
What does pfSense
do with the inbound port 80 requests?
What is the IP of the system where you ran nginx -T
?
Is that 192.168.200.121?
1 Like
ZAK
November 17, 2021, 6:55am
30
Yes sir. I ran it in 192.168.200.121
Should I run it in the main server ?
1 Like
rg305
November 17, 2021, 6:57am
31
We need to check/modify the HTTP vhost config on the server that gets the port 80 requests.
But we still don't know exactly where they go!
1 Like
rg305
November 17, 2021, 7:00am
32
There are some inherent complexities to using the same name for multiple systems.
SNI fails to distinguish serverA from serverX
when they are ServerA:portX and ServerA:portZ
All HTTP authentication requests for EXAMPLE.COM will go to only one system/server/IP.
ServerA:port80
It would really be more... useful if each server had its' own name.
Like:
mindset81.ccgeo.info = 45.202.17.189
mindset82.ccgeo.info = 45.202.17.189
mindset83.ccgeo.info = 45.202.17.189
mindset84.ccgeo.info = 45.202.17.189
2 Likes
rg305
November 17, 2021, 7:03am
33
Now back to the big hurdle in our plan:
Which system gets the port 80 requests?
[without individual names, all requests (certbot
) will have to be processed in one single place]
2 Likes
ZAK
November 17, 2021, 7:07am
34
Sir port 80 is assign in mindset.ccgeo.info. Using pfSense
rg305
November 17, 2021, 7:09am
35
Anyway you can find it will due.
I would start with pfSense
settings...
[presuming that is the first thing encountered from the Internet inward]
The picture you showed looks like pfSense
; Do you have access to that system OR did they just give you a picture?
1 Like
ZAK
November 17, 2021, 7:16am
37
Sir port 80 is assign @ mindset.ccgeo.info using pfSense
rg305
November 17, 2021, 7:17am
38
To which IP does the port 80 go to?
There must be an IP setting (isn't there?).
Or does the pfSense
answer on 80?
1 Like
ZAK
November 17, 2021, 7:18am
39
That public ip address sir
ZAK
November 17, 2021, 7:18am
40
ya mean public sir ? or internal ?
rg305
November 17, 2021, 7:19am
41
Ok, and where does it go from there?
When I do:
curl -Ii http://45.202.17.189/
What system answers me?
something replies with:
HTTP/1.1 200 OK
Date: Wed, 17 Nov 2021 07:19:24 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Mon, 29 Jul 2019 04:00:01 GMT
ETag: "5b9-58ec9ed19c569"
Accept-Ranges: bytes
Content-Length: 1465
Vary: Accept-Encoding
Content-Type: text/html
1 Like
rg305
November 17, 2021, 7:20am
42
We need to find that Apache
server!
[clues]
It shows:
Ubuntu
Apache/2.4.18
1 Like