New to Yunohost and stuck with DNS, IP, and redirection issues

My YunoHost server

Hardware: Not so old computer
YunoHost version: 4.1.6
I have access to my server : Through SSH (both on local network and from internet) | through the webadmin (on local network only) | direct access via keyboard / screen is also working and is an option if needed
Are you in a special context or did you perform some particular tweaking on your YunoHost instance ? : not sure
If yes, please explain:
I first installed and configured the server via a wifi connection, but now it is through ethernet (I finally sorted out the /etc/network/interfaces as my linux knowledge dates 10 years back)
I use a DuckDNS domain and I think the first time I tried to access the server via web it worked (when the server was still through wifi); now in DuckDNS I can see both IPv4 and IPv6 reflect my ISP box, but I can’t access the server via http or https.
Also when the server was still on Wifi I tried to force a Letsencrypt certificate (–no-checks), but in the webadmin it still shows the self-signed certificate anyway

Description of my issue

Hello, despite my best efforts I can’t get to fix the access to my server via internet (“from outside”)
I redirected all ports to my server in my ISP box (BBOX v3+ from belgian provider Proximus). They are redirected to the local server’s IP (which I defined to be static in the DHCP setting).
I don’t know what I am doing or did wrong, so any help would be appreciated!

I ran the diagnostic and here are the errors I still can’t fix:
https://paste.yunohost.org/raw/alazazagaq

Thank you for reading my message!
Alami

Hmmyeah that definitely looks like some misconfiguration of the port forwarding … can you confirm that you used 192.168.1.13 as the local IP in the port forwarding conf ?

Otherwise not sure how to help, maybe a screenshot could be useful just to make sure there’s no obvious mistake

Sure, here’s a screenshot for the port 80.


I did this for every port and protocol that I saw in the Yunohost admin firewall page:

Hmpf yeah that seems to make sense … I don’t really know what to say, it should just work …

Alternatively you could try to put your server as “DMZ” (also in the router configuration) :confused:

It did not help, I still face the same issue.

PS I reconfirm SSH works over the Internet which means that (at least some) ports are redirected correctly.

Also when I ping my domain name it works and displays the correct IPv4 address.

I guess I will restart a new installation from scratch

Did you ever successfully add port forwarding, apart from port 22 for SSH?

At an acquaintance’s place we could not get port forwarding to work, no matter what. It turned out a bug in the firmware of default router of the national telco here (Netherlands).

Same symptoms: nothing got forwarded, not in DMZ either.

I’m not sure an update for the firmware was available; it got swapped for a much newer version.

2 Likes

It’s the first time I try port forwarding… ever :slight_smile:
I’ll reinstall this weekend and then maybe contact my ISP, in case the issue is on their side or the hardware.

I found the culprit!
For my Belgian friends (on Proximus ISP) that may one day face the same issue: The forwarding of ports 23, 80 an 443 are not allowed by default. Nothing in the port mapping interface says it but you can find the info at the bottom of this page:

This can be allowed by lowering the security (access via MyProximus>Parameters)
Then a reboot of the modem/router (unplug 5 seconds).

I have now most things working, except that no ports are accessible via ipv6, which prevents me generating a Letsencrypt certificate, but I can live with it for now.

3 Likes

Not sure what the diagnosis say about this, but it should be fine as long as you do not add the AAAA record on your DNS (otherwise Let’s Encrypt will prioritize AAAA for the acme-challenge and ignore the A record)

1 Like

I am not sure what you mean by this? How would I remove it? (from no host.me and accessorily from duckdns.org)
Thanks

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.