[SOLVED] Address not reachable after fresh installation

hi,

i just made a brandnew installation of yunohost in its latest version on a raspberry pi 4 4gb which i access via the browser. installation worked fine, when it came to set a domain, i used nohost.me (buches.nohost.me) and set port forwarding on my router.

problem: when i try to access buches.nohost.me or an installation on it, it says the address is not reachable?

how can i solve this problem?

thanks in advance

Can you have a look into the Diagnosis section of the webadmin and share the results ?

thanks for the quick reply!

obviously there are some port issues and the ip is blaklisted (how come). could you give some hints to solve these issues please?

=================================
Base system (basesystem)

[INFO] Server Hardware Architektur ist bare-metal armhf

  • Server Platinen Modell ist Raspberry Pi 4 Model B Rev 1.2

[INFO] Server läuft unter Linux-Kernel 5.4.51-v7l+

[INFO] Server läuft unter Debian 10.6

[INFO] Server läuft YunoHost 4.0.8 (stable)

  • yunohost Version: 4.0.8 (stable)
  • yunohost-admin Version: 4.0.4 (stable)
  • moulinette Version: 4.0.3 (stable)
  • ssowat Version: 4.0.4.1 (stable)

=================================
Internet connectivity (ip)

[WARNING] DNS Auflösung scheint zu funktionieren, aber seien Sie vorsichtig wenn Sie eine eigene /etc/resolv.conf verwendest.

  • Stattdessen sollte diese Datei ein Softlink auf /etc/resolvconf/run/resolv.conf sein, die auf sich selbst zu 127.0.0.1 zeigt (dnsmasq). Der eigentlich Auflösende sollte in /etc/resolv.dnsmasq.conf konfiguriert werden.

[SUCCESS] Der Server ist mit dem Internet über IPv4 verbunden!

  • Globale IP: xx.xx.xx.xx
  • Lokale IP: 192.168.178.67

[SUCCESS] Der Server ist mit dem Internet über IPv6 verbunden!

  • Globale IP: xx:xx:xx:xx:xx:xx
  • Lokale IP: fe80::98ff:aecc:2721:bb28

=================================
DNS records (dnsrecords)

[SUCCESS] Die DNS-Einträge für die Domäne maindomain.tld (Kategorie basic) sind korrekt konfiguriert

[SUCCESS] Die DNS-Einträge für die Domäne maindomain.tld (Kategorie mail) sind korrekt konfiguriert

[SUCCESS] Die DNS-Einträge für die Domäne maindomain.tld (Kategorie xmpp) sind korrekt konfiguriert

[SUCCESS] Die DNS-Einträge für die Domäne maindomain.tld (Kategorie extra) sind korrekt konfiguriert

=================================
Ports exposure (ports)

[ERROR] Port 22 is not reachable from outside.

  • Exposing this port is needed for admin features (service ssh)
  • To fix this issue, you most probably need to configure port forwarding on your internet router as described in httxs://yunohost.org/isp_box_config

[ERROR] Port 25 is not reachable from outside.

  • Exposing this port is needed for email features (service postfix)
  • To fix this issue, you most probably need to configure port forwarding on your internet router as described in httxs://yunohost.org/isp_box_config

[ERROR] Port 80 is not reachable from outside.

  • Exposing this port is needed for web features (service nginx)
  • To fix this issue, you most probably need to configure port forwarding on your internet router as described in httxs://yunohost.org/isp_box_config

[ERROR] Port 443 is not reachable from outside.

  • Exposing this port is needed for web features (service nginx)
  • To fix this issue, you most probably need to configure port forwarding on your internet router as described in httxs://yunohost.org/isp_box_config

[ERROR] Port 587 is not reachable from outside.

  • Exposing this port is needed for email features (service postfix)
  • To fix this issue, you most probably need to configure port forwarding on your internet router as described in httxs://yunohost.org/isp_box_config

[ERROR] Port 993 is not reachable from outside.

  • Exposing this port is needed for email features (service dovecot)
  • To fix this issue, you most probably need to configure port forwarding on your internet router as described in httxs://yunohost.org/isp_box_config

[ERROR] Port 5222 is not reachable from outside.

  • Exposing this port is needed for xmpp features (service metronome)
  • To fix this issue, you most probably need to configure port forwarding on your internet router as described in httxs://yunohost.org/isp_box_config

[ERROR] Port 5269 is not reachable from outside.

  • Exposing this port is needed for xmpp features (service metronome)
  • To fix this issue, you most probably need to configure port forwarding on your internet router as described in httxs://yunohost.org/isp_box_config

=================================
Web (web)

[ERROR] Domain maindomain.tld appears unreachable through HTTX from outside the local network.

  • Connection error: could not connect to the requested domain, it’s very likely unreachable.

=================================
Email (mail)

[SUCCESS] The SMTP mail server is able to send emails (outgoing port 25 is not blocked).

[ERROR] The SMTP mail server is unreachable from the outside on IPv4. It won’t be able to receive emails.

  • Could not open a connection on port 25 to your server in IPv4. It appears to be unreachable.
    1. The most common cause for this issue is that port 25 is not correctly forwarded to your server.
    2. You should also make sure that service postfix is running.
    3. On more complex setups: make sure that no firewall or reverse-proxy is interfering.

[ERROR] The SMTP mail server is unreachable from the outside on IPv6. It won’t be able to receive emails.

  • Could not open a connection on port 25 to your server in IPv6. It appears to be unreachable.
    1. The most common cause for this issue is that port 25 is not correctly forwarded to your server.
    2. You should also make sure that service postfix is running.
    3. On more complex setups: make sure that no firewall or reverse-proxy is interfering.

[ERROR] The reverse DNS is not correctly configured in IPv4. Some emails may fail to get delivered or may get flagged as spam.

  • Current reverse DNS: 128-247-14.fonira.net
    Expected value: maindomain.tld
  • You should first try to configure the reverse DNS with maindomain.tld in your internet router interface or your hosting provider interface. (Some hosting provider may require you to send them a support ticket for this).
  • Some providers won’t let you configure your reverse DNS (or their feature might be broken…). If you are experiencing issues because of this, consider the following solutions:
    • Some ISP provide the alternative of using a mail server relay though it implies that the relay will be able to spy on your email traffic.
    • A privacy-friendly alternative is to use a VPN with a dedicated public IP to bypass this kind of limits. See httxs://yunohost.org/#/vpn_advantage
    • Or it’s possible to switch to a different provider

[ERROR] The reverse DNS is not correctly configured in IPv6. Some emails may fail to get delivered or may get flagged as spam.

  • Current reverse DNS: ipv6.dsl.fonira.net
    Expected value: maindomain.tld
  • You should first try to configure the reverse DNS with maindomain.tld in your internet router interface or your hosting provider interface. (Some hosting provider may require you to send them a support ticket for this).
  • Some providers won’t let you configure your reverse DNS (or their feature might be broken…). If your reverse DNS is correctly configured for IPv4, you can try disabling the use of IPv6 when sending emails by running ‘yunohost settings set smtp.allow_ipv6 -v off’. Note: this last solution means that you won’t be able to send or receive emails from the few IPv6-only servers out there.

[ERROR] Your IP or domain xx.xx.xx.xx is blacklisted on SPFBL.net RBL

  • The blacklist reason is: “httxs://matrix.spfbl.net/xx.xx.xx.xx”
  • After identifying why you are listed and fixed it, feel free to ask for your IP or domaine to be removed on httxs://spfbl.net/en/dnsbl/

[SUCCESS] 0 pending emails in the mail queues

=================================
Services status check (services)

[SUCCESS] Dienst avahi-daemon läuft!

[SUCCESS] Dienst dnsmasq läuft!

[SUCCESS] Dienst dovecot läuft!

[SUCCESS] Dienst fail2ban läuft!

[SUCCESS] Dienst metronome läuft!

[SUCCESS] Dienst mysql läuft!

[SUCCESS] Dienst nginx läuft!

[SUCCESS] Dienst php7.3-fpm läuft!

[SUCCESS] Dienst postfix läuft!

[SUCCESS] Dienst redis-server läuft!

[SUCCESS] Dienst rspamd läuft!

[SUCCESS] Dienst slapd läuft!

[SUCCESS] Dienst ssh läuft!

[SUCCESS] Dienst yunohost-api läuft!

[SUCCESS] Dienst yunohost-firewall läuft!

=================================
System resources (systemresources)

[SUCCESS] The system still has 3.4 GiB (90%) RAM available out of 3.7 GiB.

[INFO] The system has only 100 MiB swap. You should consider having at least 512 MiB to avoid situations where the system runs out of memory.

  • Please be careful and aware that if the server is hosting swap on an SD card or SSD storage, it may drastically reduce the life expectancy of the device`.

[SUCCESS] Storage / (on device /dev/root) still has 25 GiB (92.6%) space left (out of 27 GiB)!

[SUCCESS] Storage /boot (on device /dev/mmcblk0p1) still has 198 MiB (79%) space left (out of 252 MiB)!

=================================
System configurations (regenconf)

[SUCCESS] All configurations files are in line with the recommended configuration!

`

Wokay so let’s forget about the bunch of warning for emails for now (it’s kinda expected that the reverse proxy is not configured properly because that has to be done manually etc… even being blacklisted is expected at first (sometimes due to the reverse DNS, or because of being hosted @ home))

The main issue seems to be that your port forwarding on your router is not properly configured so first I would double-check that

thanks, i doublechecked and it looks much better now:

https://paste.yunohost.org/raw/fewivunaji

unfortunately, it still says that the ipv6 ports are not reachable, my router (fritzbox) says that they are open. is there something to change in the installation?

Eh yeah not sure exactly what to do about the IPv6 … it can be dependent on how your router behaves and the exact configuration of everything so it’s difficult to help with that remotely …

If the issue persists you can also disable IPv6 entirely system-wide :confused:

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.