SOLVED Can't connect outside to inner TrueNAS services using traefik

[Ite-me]

Hi all,

I'm trying to do some reverse proxy using traefik in a jail but I don't have any response.

Step I did:
Check if services are available with inner ip adress
Check if traefik is linked to services (on dashboard all services are green)
Got a domain name
Link domain name and sub domain name to a dyn dns
Link dyn dns to my provider
open port 80 and 443
Link incomming traffic to traefik jails

I tried looking some traffic with tcpdump but nothing usefull (with my understanding and knowledge)
And I looked in traefik logs but nothing here too

Version: TrueNAS-12.0-U4 (last one at the moment)

 

[danb35]

What service(s) are you trying to access using Traefik? And what happens when you try?

 

[Ite-me]

I got some services and firefox just say that he can't reach them
Connexion Failed

 

[danb35]

How do you have those running--as plugins? Have you set them up in jails yourself? Because that doesn't look like any screen I've ever seen in TrueNAS.

 

[Ite-me]

Its the default plugin page I used the plugin install too

 

[danb35]

Are you able to connect to these plugins, through the Traefik proxy, inside your network?

 

[Ite-me]

When I ping every jail's IP it works yes

 

[danb35]

That's good, I guess, but it has nothing to do with the question I asked.

 

[Ite-me]

Whats the question so ?
When I'm on the traefik jail I can ping services jail. Is there another way to test connexion ?

 

[danb35]

Whats the question so ?

I don't know how I can make it any clearer:

Are you able to connect to these plugins, through the Traefik proxy, inside your network?

"Connect through the Traefik proxy" can't reasonably be interpreted as "ping the jails from the Traefik jail".

 

[Ite-me]

Check if traefik is linked to services (on dashboard all services are green)

So maybe the description of the initial post can help ?

My traefik is well connected to services i guess

 

[Ite-me]

Are you able to connect to these plugins, through the Traefik proxy, inside your network?

the traefik app link services with reverse proxy and when i try accessing home.*** from a computer in my network it doesnt work. But when looking for traefik dashboard all services are well connected

Hope this will answer the question

 

[Ite-me]

To add some details:
I tried this on my network (computer on the network but not the trueNAS)
/etc/hosts (file)

So i guess it answer the question : Yes services are accesible for traefik

 

[danb35]

Yes services are accesible for traefik

That appears to be the case. So what happens when you try from outside your LAN?

 

[Ite-me]

So what happens when you try from outside your LAN?

Just have some connection error page from Firefox

Something like this (I get a picture from internet bc mine is in french)

 

[Ite-me]

SOLVED - Can't connect outside to inner TrueNAS services using traefik

Hi all, I'm trying to do some reverse proxy using traefik in a jail but I don't have any response. Step I did: Check if services are available with inner ip adress Check if traefik is linked to services (on dashboard all services are green) Got a domain name Link domain name and sub domain...

www.truenas.com

I tried to do the same as this post but with my router IP and it doesn't work. I guess it can be my router that just kick me out but I did some rules to let open ports 80 and 443 to go through.

 

[danb35]

it doesn't work.

"It doesn't work" is not helpful, because there are roughly 100 ways something could "not work", as a result of roughly 100 problems. "Some connection error page" is similarly unhelpful; posting a random screen shot of a different browser error is even less helpful, unless you're certain that it's exactly the same error translated into English.

But taking you at your representation that the picture you posted does actually reflect the error you're getting, it would look like port 80 isn't open to connections from outside. This could mean that you didn't enter your port forwarding rules properly (double-check with the documentation for your router on this). It could also mean that your ISP is blocking inbound port 80--this is quite common for residential ISPs in .us; I don't know about other parts of the world. Are you able to connect via HTTPS?

 

[Ite-me]

"It doesn't work" is not helpful, because there are roughly 100 ways something could "not work", as a result of roughly 100 problems. "Some connection error page" is similarly unhelpful; posting a random screen shot of a different browser error is even less helpful, unless you're certain that it's exactly the same error translated into English.

I get the screen because it were the same error translated.

But taking you at your representation that the picture you posted does actually reflect the error you're getting, it would look like port 80 isn't open to connections from outside. This could mean that you didn't enter your port forwarding rules properly (double-check with the documentation for your router on this). It could also mean that your ISP is blocking inbound port 80--this is quite common for residential ISPs in .us; I don't know about other parts of the world. Are you able to connect via HTTPS?

This is the rules on my router

 

[Ite-me]

I asked to a friend to try the connexion from outside the network and all work well... So my issue is and was that I can't connect from inside my network to my domain name who redirect to my own router I guess.

If you know (maybe just some conf ?) how to get this to work would be great sorry for the time use before...

What I want precisly to work:
Computer inside my network to connect to sub.my_domain.com and not to 192.168.1.*
actually I need to edit host file but its not friendly for people

 

[Ite-me]

Just to end the conversation I got some more information on my provider and it doesn't do (or allow ?) to do something call the loop back. So I can't access my services from inside using the domain name.

Solved