Unable to log in from the internet.

DarkCorner

Explorer
Joined
Oct 23, 2022
Messages
66
I have a static public IP with a FritzBox 7530AX router.
I placed TrueNAS-SCALE-23.10.1.3 immediately downstream of the FritzBox router with static IP assigned by its DHCP.
I configured the router to enable port 33333 on this static NAS address.
From a second PC connected to the Internet I tried both domain.tld:33333 and Static-IP:33333.
but the login page does not appear.

Do I need to enable anything on the NAS?
Where am I wrong?
 

LarsR

Guru
Joined
Oct 23, 2020
Messages
684
The truenas gui uses port 80 for http and 443 for https... where did you get port 33333 from?
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,313
Furthermore, the TrueNAS UI isn't designed or hardened to be accessible from the public Internet. Put it behind a VPN or other secure network.
 

DarkCorner

Explorer
Joined
Oct 23, 2022
Messages
66
The NAS is placed in a DMZ behind a firewall with HA Proxy as a reverse proxy.
Port 33333 is for not using port 443; you can indicate it in the configuration.
However, since it is currently not reachable through the firewall and since I couldn't find any errors, I tried to make it public by inserting it directly into the Internet immediately downstream of the router.
And actually it can't be reached this way either, so I ask if there isn't a block inside the TrueNAS that needs to be eliminated.
 

danb35

Hall of Famer
Joined
Aug 16, 2011
Messages
15,313

Ericloewe

Server Wrangler
Moderator
Joined
Feb 15, 2014
Messages
20,071
I'm not sure why you think that makes it a good idea.
I'm not sure how the expression "DMZ" can be interpreted as anything other than "keep stuff out of here" - it is general knowledge that the "Demilitarized" part refers to being violently demilitarized by gunfire from the other side upon stepping in, right?
 

DarkCorner

Explorer
Joined
Oct 23, 2022
Messages
66
As I was saying, the NAS is publicly esposed only for testing. When I'm not doing tests it's off.

You confirm that there are no blocks, as I thought. So, the test is over.

I didn't understand why the NAS shouldn't be in the DMZ.
 
Top