Solved VM Guest routing out to www?

Currently reading
Solved VM Guest routing out to www?

Trying here, before asking the Wordpress community.

I have a Wordpress instance set up on a VM on the Synology. (It talks to a db on separate host, but that shouldn't matter.) Internally it works fine.

One the internet modem I have forwarded 8080 to 80 on the VM. From an external host I can telnet myhost.mydomain.com 8080 and get an immediate response.

I can even load the login page of the WP site in the browser. All this says to me I should be good to go. But as soon as I try to login, the site just hangs there. So there's obviously something I'm missing.
Aside from the fact, there is possibly some WP knowledge I need to understand, is there anything idiosyncratic w.r.t. the Synology I need to understand pls?
 

Rusty

Moderator
NAS Support
2,350
698
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
So what’s the end game here? accessing your wp site via what protocol and port exactly?
 
Ok. This is only a dev site so HTTP is fine. But I have to be able to show it externally and the synology natively takes over 80, right... Hence I chose 8080. If it can work over 443 (or a forwarding to) I don't care.

I also tried to reverse proxy it over 443 with more or less the same result. Wordpress appears to hold the 'siteurl' as a param in one of its db tbl's and I'm guessing that has to match up somehow.

Haven't tried to RP it over 80. Not sure it would work, would it? S'pose I can try that.
 

Rusty

Moderator
NAS Support
2,350
698
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Haven't tried to RP it over 80. Not sure it would work, would it? S'pose I can try that.
Well RP from 80 to 80 towards you VM local IP should work just fine.
 
Thanks again Rusty.

It does work ... provided I use the VM IP to proxy to as opposed to using the hostname.
I'm never fond of hardcoding IP's, but I suppose there is always the exception.
 
Slight change in this comment.

IF my URL I am attempting to call (host.domain.com) is essentially the same as the FQDN of the host I am attempting to RP to, THEN I have to use the internal host's IP in the RP config.

If however, I configure a different sub-domain/host URL to call (myhost.domain.com), then I _can_ use the internally DNS recognised FQDN of the internal host in the RP config.

Imagine a public DNS with A record for "alphabet.domain.com" with IP 212.85.167.20
and an internal host w. FQDN "alphabet.domain.com" with IP 192.168.0.15

URL: alphabet.domain.com reverse proxied on port 80 to 'alphabet.domain.com' on port 80 - Does not work.
URL: alphabet.domain.com reverse proxied on port 80 to '192.168.0.15' on port 80 - Does work

However:

URL: alfabet.domain.com reverse proxied on port 80 to 'alphabet.domain.com' on port 80 - Does work.

If I think about and were to check, I suspect there is probably a rule about exactly that in the Reverse Proxy IETF RFC.

But.......





..............
 

Rusty

Moderator
NAS Support
2,350
698
www.blackvoid.club
NAS
DS412+, DS718+, DS918+, 2x RS3614RPxs+ with expansions
Router
  1. RT1900ac
  2. RT2600ac
  3. MR2200ac
Operating system
  1. macOS
Mobile operating system
  1. iOS
Slight change in this comment.

IF my URL I am attempting to call (host.domain.com) is essentially the same as the FQDN of the host I am attempting to RP to, THEN I have to use the internal host's IP in the RP config.

If however, I configure a different sub-domain/host URL to call (myhost.domain.com), then I _can_ use the internally DNS recognised FQDN of the internal host in the RP config.

Imagine a public DNS with A record for "alphabet.domain.com" with IP 212.85.167.20
and an internal host w. FQDN "alphabet.domain.com" with IP 192.168.0.15

URL: alphabet.domain.com reverse proxied on port 80 to 'alphabet.domain.com' on port 80 - Does not work.
URL: alphabet.domain.com reverse proxied on port 80 to '192.168.0.15' on port 80 - Does work

However:

URL: alfabet.domain.com reverse proxied on port 80 to 'alphabet.domain.com' on port 80 - Does work.

If I think about and were to check, I suspect there is probably a rule about exactly that in the Reverse Proxy IETF RFC.

But.......





..............
Does your router support NAT loopback (hairpin) option? You could be having that problem as well.
 
Last edited:
Does your router support NAT loopback (hairpin) option? You could be having that problem as well.

I guess that's a possibility. The router does have DNS rebind protection which essentially stops hairpinning occurring. It's supposed to have functionality to be able to circumvent/permit it, but I've never been convinced it's correctly implemented.

I'm not sure it matters though. Unless the NAS is doing a DNS check in the background on field-change-of-focus, it refuses to accept/permit that configuration when creating the reverse proxy rule. It won't let you SAVE.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Similar threads

Similar threads

Trending threads

Top