Access webtop or roundcube using IP?

Is there a way to access webtop or roundcube using IP?
I have an issue (mostly my setup issue, but cannot resolve directly) where internal/external DNS + VPN between home and work doesn’t allow me to reach my mail clients using their declared FQDN, which only work from inside my home LAN and they are set to use “external” domain. (i.e. webtop.mydomain.com not webtop.local.mydomain.com)

The issue seems to be more complex actually.
Although I have a VPN between home and work and EVERYTHING (any IP any port of the two networks) passes through fine both directions…
With NS8 I seem to not be able to access my NS8 own IP! It doesn’t even ping over VPN! This very weird and can only be attributed to own NS8 firewall or something.

So my issue is two fold:

1. Why I cannot see my NS8 over VPN (LAN-to-LAN where all other LAN works).

2. How could I reach webtop and/or roundcube with IP for networks where FQDN doesn’t pass through ok? Seems that NS8 has implemented its own reverse proxy (?)… is there any way to do it?

(I can explain more about how DNS is implemented in my setup and why VPN confuses ONLY requests to “external” domain - but this is not an NS8 issue… I can probably circumvent this with static hosts entries… but the issue of not reaching NS8 even with IP is a showstopper anyway)

My VPN is NOT NS8 VPN.
It is IPSec VPN router-to-router.

Good Morning Nick. I hope you are having a great day. If we are talking about getting to Webtop 5 locally on a network, I am able to get Webtop 5 on local lan by setting up the following in treafic in NS8 by stepping through the following -

1. Goto “Settings” on right-hand menu
2. Goto “HTTP routes”
3. Select “Create route”
4. Name - I add webtop-local
5. Node - should be Node 1 (* as long as you only have 1 Node)
6. URL - add http://127.0.0.1:20023
7. Skip certificate - per your setup, you choose. (for testing disabled)
8. Host - don’t add anything
9. Path - add /webtop
10. Strip URL - disabled
11. Request Lets Encrypt - per your setup, you choose. (for testing disabled)
12. HTTP to HTTPS - per your setup, you choose. (for testing disabled)

It should look something like the following screenshot.

2024-09-24_09-47921×933 31.7 KB

Lets say you are on a ip network of 192.168.x.x and your server is at 192.168.40.5

After creating the HTTP route you should be able to get to your webtop locally by typing (ip route) the following: (example below)

https://192.168.40.5/webtop

I am still working on getting roundcube, nextcloud and the like working locally. I will let you know if I crack the code on the others.

Hope this helps.

Jeff

Ah so you “identify” webtop by adding a path and not an FQDN. Will try.

The problem is that then I hit is #1 in my OP.
For some reason I also don’t access the IP of my NS8 over VPN.
It would mean a badly configured VPN or something else, but thing is, my NS8 is the ONLY destination I cannot touch over VPN. I can access everything else.

In other words over VPN I cannot even see this:
https://[my NS8 LAN IP]/cluster-admin

Once you set up Webtop how I showed you, it should at least allow you to access the Webtop locally.

The VPN part seems to be a separate issue. Just based off what you have said so far I would suspect NS8 treafic and VPN are not on the same page.

You will need to give us more information on the setup of your network. That way we have an understanding, we can track and help you find an answer. Can you tell us more about your VPN? Is the VPN through a separate Firewall or through NS8.

It is not very complex.
I have IPSec VPN between my home network and work network routers. So it is normally transparent to my LAN.

I will not bother you with my DNS setup because this happens WITH IP - if we resolve this, then I can look into if DNS works ok (note it worked great with NS7).
Just for completeness: Work side, Windows Server DNS, home side, Technitium. I have also full access to EXTERNAL DNS for both work and home domains.
But again - don’t bother with this, it is an IP issue.

I suspect it has something to do with either

• NS8 own self-configured firewall (help?)

• or with NS8 implemented with an “internal” VPN, making traffic go more than one NAT (my work VPN side doesn’t know how to reach “inside” NS8 VPN (should it?)…
  (and in my work stupid router it is not possible to add more than one network to point to my home side)

…btw your solution with /webtop path works fine locally (I can access webtop using /webtop and any FQDN or IP that refers to NS8), but still not over VPN, as the problem is IP access to NS8.

Question still remains.
Without using reverse proxy (http rutes), there is no way to access internal services like roundcube via IP and some port?

I would state no. I think tricks could be done with the http route of ns8 but I would prefer to use dns to solve your issue. Saying that because if you look mariadb we use a webpath and no fqdn

With NS8 we need to use fqdn to share among container and good dns resolutions are very important

In my home lab I have a dns server that i can use locally or remotely with a vpn. Fqdn even only resolved locally can be accessed remotely

My DNS works fine too.
I just wanted to eliminated extra steps to resolve my issue.

Go to the settings > http routes and create a web path that you redirect to the tcp port of the module. Be aware that some modules could use several ports. The one that is interesting you is the tcp port redirected to the tcp 80 of the container

For example

20011 server → 80 container

To find it

runagent -m roundcubemail1 podman ps

I found the IP issue, so I don’t need this any more (see respective thread), but this info is useful for FAQ.

so please accept the solution to the relevant post, it will help other

you can click on the checkbox to validate the solution