My port 443 can't be reached

User @Leavii has been updated to basic user (Trust Level 1).

2 Likes

TY TY TY

1 Like

Thank you! Going back :smiley:

3 Likes

OK the NAT seems correct.
Now onto the firewall rules.
Show and tell :slight_smile:

Still said I had to wait 22 hours so I will stay on this one for now. I also didn't have the Disco bot message on that account as I do on this one. So firewall rules...

1 Like

Here we are..

How does anything get in at all?

Is there a quick-start guide or something for that router?

To me, it seems like line one is just the opposite of line two.

  1. Allow things in state
  2. Drop things not in state

That works great for outbound I guess.
But how does anything inbound pass initially to get into state????

Here are my routes. I have a NetOnix that powers APs, etc... but I am direct into the ER with this host. Not sure what you are needing, but I can reach the site and the others all fine and never have had any issues with anything going in or out.

Your other user shouldn't have that reply limitation now. Maybe you should log out and log in to activate the changes, but there's no problem using your new user. Take care, though, or you will reach the reply limitation again.

1 Like

I will log out and in again to test. Thanks!

This is NOT a routing problem.
It's an accessibility problem.
Can you add a rule that says:

Source *
Dest {your outside IP}
Protocol {HTTPS or TCP 443}
Action accept
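
The rule-order question raised earlier in the thread and the accept rule proposed in this post, as an added example that is not part of the thread: a toy first-match evaluator. The rule set, the state names and the documentation addresses (203.0.113.10, 198.51.100.7) are assumptions, not the poster's actual router configuration.

```python
# Toy first-match packet filter (added illustration, not the router's real config).
from dataclasses import dataclass

OUTSIDE_IP = "203.0.113.10"  # constructed placeholder (RFC 5737 documentation range)

@dataclass(frozen=True)
class Packet:
    src: str
    dst: str
    proto: str
    dport: int
    state: str  # "new", "established", "related" or "invalid"

@dataclass(frozen=True)
class Rule:
    action: str                      # "accept" or "drop"
    states: frozenset = frozenset()  # empty set = any connection state
    dst: str = "*"                   # "*" = any destination
    proto: str = "*"                 # "*" = any protocol
    dport: int = 0                   # 0 = any port

    def matches(self, p):
        return ((not self.states or p.state in self.states)
                and self.dst in ("*", p.dst)
                and self.proto in ("*", p.proto)
                and self.dport in (0, p.dport))

def evaluate(rules, packet, default="drop"):
    """Return the action of the first matching rule, else the default action."""
    for rule in rules:
        if rule.matches(packet):
            return rule.action
    return default

# The two rules as described in the thread: allow in-state traffic, drop the rest.
IN_STATE = Rule("accept", states=frozenset({"established", "related"}))
DROP_REST = Rule("drop")
# The rule proposed above: any source -> outside IP, TCP 443, accept.
ALLOW_HTTPS = Rule("accept", dst=OUTSIDE_IP, proto="tcp", dport=443)

BEFORE = [IN_STATE, DROP_REST]
AFTER = [IN_STATE, ALLOW_HTTPS, DROP_REST]      # accept sits ahead of the drop
MISPLACED = [IN_STATE, DROP_REST, ALLOW_HTTPS]  # never reached: the drop matches first

syn = Packet("198.51.100.7", OUTSIDE_IP, "tcp", 443, "new")            # first inbound packet
reply = Packet("198.51.100.7", OUTSIDE_IP, "tcp", 443, "established")  # later packets

if __name__ == "__main__":
    for name, rules in (("before", BEFORE), ("after", AFTER), ("misplaced", MISPLACED)):
        print(name, evaluate(rules, syn), evaluate(rules, reply))
```

The accept rule only opens the first packet of a new connection; once that packet is accepted, the in-state rule carries the rest, and the accept has to be ordered ahead of any catch-all drop.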

I have it bridged to the internal DHCP scope.

Yeah I will give it a shot.

So is there a separate router and firewall?

Can you hit the site locally?
curl -Iki https://192.168.1.87/

[from the server itself]

No, just this one firewall for the host. Before the firewall is the modem.

curl -Iki https://192.168.1.87 returns:

@linux00:~$ curl -Iki https://192.168.1.87/
HTTP/1.1 301 Moved Permanently
Date: Sun, 24 Jan 2021 19:59:33 GMT
Server: Apache/2.4.41 (Ubuntu)
X-Redirect-By: WordPress
Location: https://jackiesmcs.com/
Content-Type: text/html; charset=UTF-8
1 Like

OK so the modem is in bridge mode.
Then the firewall is what you have been showing.
I think we need that rule there [in the firewall].

What choices/options does it show for "protocol" ?

The modem is not in bridge mode; it just passes the public IP. The bridge interface is to 192.168.1.1/24.

Protocol options:

Under Protocol by name there is not an HTTP or HTTPS option.

After logging out and back in it says I still have 21 hours to wait.

My WAN goes to ETH0 from the modem.

What happens when you choose "TCP"?

What happens when you choose "Choose a protocol by name"?