Fully Qualified Domain name - no access


(David Gordon) #1

System version
NethServer release 7.5.1804 (final)
Kernel release
3.10.0-862.3.3.el7.x86_64

Yesterday I successfully installed NethServer using VirtualBox on a Mac. Most things were going well and I was able to access it using both the IP address and a fully qualified domain name, lets say server.mydomain.tld for simplicity. The DNS for mydomain.tld has an A record pointing to my router and my router port forwards HTTP and HTTPS to the local IP address (192.168.1.100) for the server. SO far so good, I could access NS from my web browser using either the IP address or domain name.

And that’s the expected way it should work as far as I can tell.

Then I installed a Samba Active Directory. Suddenly I could only use the IP address, the domain name wouldn’t get to NethServer.

I gave up and nuked the install. I reinstalled (following slightly different instructions). But despite NS knowing and reporting the correct IP address and domain name I can only access it via the IP address. On a clean install…

The Active Directory may not have been the issue but I wasn’t clear I was installing it correctly. What could I be looking at to solve this?

Thanks


(HĂ©ctor PĂ©rez) #2

Hi @DavidG, I had a similar problema, @davidep help me with the solution:

]#shorewall status
]#shorewall clear

Check samba then:

]#shorewall start

My problem upgrading the server Samba is not working (SSSD accountsprovider error)


Access the web interface
(David Gordon) #3

That’s not doing it for me I’m afraid. Perhaps a different problem.

I can access my NS server test page using the domain name in Firefox. But not Safari. Firefox lets me go to the HTTP page, Safari seems to want to get the HTTPS version and its not available. (Yes, port forwarding is set for HTTPS on the router.)

Disabling the Firewall (shorewall) didn’t change anything. SOmething else stopping HTTPS?


(HĂ©ctor PĂ©rez) #4

Check if VirtualBox is in bridge mode.


(David Gordon) #5

In Network? Yes, I think so. “Bridged Adaptor”.


(David Gordon) #6

Its the certificate. I got a certificate from Let’s Encrypt and that makes the FQDN work. But only for the test web page. Not for the server controls site. You’d think if the certificate was valid it would work for all my pages?


(HĂ©ctor PĂ©rez) #7

Try to disable it, then re-enable, I got let’s encrypt as well You have(but not in the virtual machine).


(David Gordon) #8

I’ve fixed this! Sometims when writing down the problem the answer appears! My answer was to open port 980 on my router. Here’s my problem anyway, in case someone has the same trouble in future…


An update. I have reinstalled NS and once again have a Let’s Encrypt certificate. I believe I should be able to access my Server Manager from either 192.168.1.100:980 or server.mydomain.tld:980 or even server.mydomain.tld/server-manager. (It says so here http://docs.nethserver.org/en/v7/access.html).

At the moment I can access server.mydomain.tld and see the default Apache Test Page but Firefox complains that the “connection is not secure”. But it is connecting to http. If I go to the https page Firefox is happy and I see a green padlock in the address bar.

But I can’t connect to https://server.mydomain.tld:980. Firefox is “Unable to connect”

Using the IP address I can access the Apache Test Page at 192.168.1.200 and again as you would expect Firefox says its not secure. When trying https://192.168.1.200 Firefox says the certificate is wrong because its only valid for server.mydomain.tld.

So the simple question is why can I connect to the Apache Test Page via https but not the Server Manager?


(HĂ©ctor PĂ©rez) #9

@DavidG , You need to point server.mydomain.tld in the DNS of mydomain.tld in other words make a real “FQDN”. You have to open 80 and 443 ports as well, is bit trickie but You can do it following the docinfo.