Forum OpenACS Development: Re: unable to access

Collapse
2: Re: unable to access (response to 1)
Posted by Brian Fenton on
Hi Iuri

what's your server networking setup? When you say "internally", what does that mean? From the server that is running AOLserver? Or from within your internal network?

What IP addresses is AOLserver listening on?

Can you do a "telnet %lt;internal IP> %lt;port>" on the server that is running AOLserver?

Brian

Collapse
3: Re: unable to access (response to 2)
Posted by Iuri Sampaio on
Brian,

The networking is:
Gateway: 192.168.1.1
server: 192.168.1.100

I also run nginx as a proxy server listening to IP 192.168.1.100 that points to AOLServer which is listening to the machine local ip address 127.0.0.1

Would nginx affect internal access?
If so why external access is properly working?

I blocked telnet access. SSH access is working fine

Collapse
5: Re: unable to access (response to 3)
Posted by Gustaf Neumann on
hmm, not sure what exactly you refer to as "internally" and "externally". IP addresses from 192.168.0.0 - 192.168.255.255 are reserved for "private Internets", so they are not suppose to work from outside of an gateway that separates an internal network from the public Internet (see e.g. http://www.faqs.org/rfcs/rfc1918.html).
Collapse
6: Re: unable to access (response to 5)
Posted by Iuri Sampaio on
Externally: The site is reached through the DNS. For example: http://yoursite.com and it resolves fine to whatever computer around the globe :)

Internally: the computers those are in the same intranet 192.168.1.0 - 192.168.1.255 (under the same gateway 192.168.1.1), have no access to the site.
Neither through the DNS nor through the internal IP.

I strongly believe the issue is on nginx.
I will paste the results later.

cheers,

Collapse
8: Re: unable to access (response to 6)
Posted by Gustaf Neumann on
Can you resolve yoursite.com via DNS from your internal machines? if not, your DNS setup is wrong. if DNS resolves to e.g. 1.2.3.4, try http://1.2.3.4/ from an internal machine. This request should be resolved via proxy (nginx). If this does not work, you have most likely a router/vlan etc. problem. Certainly, one can as well goof up the nginx configuration. One can consider as well using 0.0.0.0 (listen to all ip addresses) for aolserver, but i am not sure, this is a good idea for your case. In general, nginx works perfectly with internal/external addresses. however, without more details about the intended/actual setup, guessing is hard.
Collapse
9: Re: unable to access (response to 8)
Posted by Iuri Sampaio on
It can't resolve mysite.com via DNS from internal machines. However it resolves fine to external ones.

What do you mean with wrong DNS setup?

Well, the server is under a modem, which distributes the connection over a switch, and it forwards the http connection on port 80 to the respective machine, at 192.168.1.100.

Then, the proxy server (nginx) switches from 192.168.1.100:80 to 127.0.0.1:8001

So far, nginx is not the problem. I turned it down and set AOLServer directly to listen to the internal address 192.168.1.100 and the computers under the intranet have no access to the site.

Btw, the internal machines are running windows except the one that holds the site. it runs debian with standard installation without any browser to test the access.