nap @ nap @sh.itjust.works

Posts

1
Comments

11
Joined

2 yr. ago

4d ago

[Vote] Should we defederate from maga.place?
Jump
nap @sh.itjust.works 4d ago
Yes

6mo ago

Need Support: DMZ at home with nginx proxy to LAN

Update: ditched the second OpnSense and figured out that MTU discovery with PVE and stuff needs some hard tweeking. Got it to work now. Hit me up for guidance 😅

9mo ago

Need Support: DMZ at home with nginx proxy to LAN

Jump

nap @sh.itjust.works 9mo ago

Should the nginx Proxy receive that package? If i trace between the LAN Host and GW, there are no Public IP's

9mo ago

Need Support: DMZ at home with nginx proxy to LAN

Jump

nap @sh.itjust.works 9mo ago

I think I let it rest for a day, I'm confused

9mo ago

Need Support: DMZ at home with nginx proxy to LAN

Jump

nap @sh.itjust.works 9mo ago

Hm, could be a little bit much but Public IP -> WG0 -> Proxy -> Router -> Server and back should not be ok?

9mo ago

Need Support: DMZ at home with nginx proxy to LAN

Jump

nap @sh.itjust.works 9mo ago

What? That's totally confusing. Took my Laptop (192.168.35.242), tethered to my Mobile (192.168.35.116) and wiresharked. 192.168.35.0/24 should never ever be a part of my Network.

9mo ago

Need Support: DMZ at home with nginx proxy to LAN

Jump

nap @sh.itjust.works 9mo ago

Never got the time to learn to read Captures :'(

At a time I tried to use two proxies but I changed it back to one. The host I try to reach is a Docker Host with Immich running. So the only real proxy should be "192.168.1.1".

9mo ago

Need Support: DMZ at home with nginx proxy to LAN

Jump

nap @sh.itjust.works 9mo ago

There is one DNAT rule at the public OPNsense routing the HTTP/s traffic to my proxy. Inside my DMZ an LAN is no NAT, only routing. Back out again there is a Masq/SNAT rule for my local IPs