Unifi gateway USG unable to update freepbx

Sorry, typos in the command, my fault. Redid it, result below.

{"status":false}[root@Grahome ~]#

So outbound port 80 works.

Inbound port 80 is not being properly forwarded or is otherwise blocked.

port rule as below
Grahomepbx * 80 192.168.1.71:80 WAN

rule order for WAN in

2000 webserver Accept All * Groups: https

3001 allow established/related sessions Accept All

3002 drop invalid state Drop All

3003 PortForward [Teredo] Accept TCP and UDP

3004 PortForward [Grahomepbx] Accept TCP and UDP

The order seems fixed. Do I need any similar rule on LAN in or out?

Further research: I have checked that my modem is also port forwarding 80 to the USG. The firewall on the modem (it is a UK BT Hub) is off, but port forwarding has to be utilised anyway. I think port 80 is not blocked by the modem with this setting.

Below is assuming the admin interface is set up for port 80 in SysAdmin.

If you temporarily disable the FreePBX firewall:

fwconsole firewall stop

Can you access the admin interface via http from outside the LAN?

Admin interface is set to port 8080, only letsencrypt on 80.
I think I have stumbled on the problem. On a UniFi help page it says port forwarding does not work if the USG does not have a public IP address. Mine does not, because bridging mode on my modem did not work.
I know a great deal more now, so I will try to set up bridging mode, which will mean the IP address of the USG will be public.
If this crashes everything I will get back tomorrow with the outcome.
Thanks for your help and suggestions, much obliged.

If using the LE service, create a test file to facilitate further testing:

echo testfile > /var/www/html/.freepbx-known/testfile

If the modem/gateway forwarding is working then the file should be available outside the LAN via http://your.fqdn.org/.freepbx-known/testfile when the FreePBX firewall is stopped.

You may want to edit the output above to obfuscate the domain and IP now.

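The two checks this thread converges on, scripted as an added example (not part of any post above, and not FreePBX or Ubiquiti code): classify the USG's WAN address to spot double NAT, then fetch the test file from outside the LAN. The function names are hypothetical, and the WAN address and FQDN are values you supply.

```shell
#!/bin/sh
# Added example. Returns 0 if the IPv4 address is in a range that is not
# publicly routable (RFC 1918, RFC 6598 CGNAT, loopback, link-local),
# 1 if it is outside those ranges, 2 if it is not a valid dotted quad.
is_non_public_ipv4() {
    case $1 in ''|*[!0-9.]*) return 2 ;; esac
    oldifs=$IFS; IFS=.
    set -- $1
    IFS=$oldifs
    [ $# -eq 4 ] || return 2
    for o in "$@"; do
        # reject empty, over-long and zero-padded octets
        case $o in ''|????*|0?*) return 2 ;; esac
        [ "$o" -le 255 ] || return 2
    done
    a=$1; b=$2
    case $a in
        10|127) return 0 ;;
        172) [ "$b" -ge 16 ] && [ "$b" -le 31 ] && return 0 ;;
        192) [ "$b" -eq 168 ] && return 0 ;;
        169) [ "$b" -eq 254 ] && return 0 ;;
        100) [ "$b" -ge 64 ] && [ "$b" -le 127 ] && return 0 ;;
    esac
    return 1
}

# $1 = the WAN address the USG itself reports.
# "double-nat" means an upstream device (here, the modem) is still doing NAT,
# so a port forward on the USG is only reachable if the modem forwards too.
usg_wan_verdict() {
    rc=0
    is_non_public_ipv4 "$1" || rc=$?
    case $rc in
        0) echo "double-nat" ;;
        1) echo "public" ;;
        *) echo "invalid" ;;
    esac
}

# Run from OUTSIDE the LAN, with the FreePBX firewall stopped and the test
# file created as described above. $1 = your FQDN (placeholder).
check_testfile() {
    body=$(curl -fsS --max-time 10 "http://$1/.freepbx-known/testfile") || return 1
    [ "$body" = "testfile" ]
}
```

Restart the FreePBX firewall and delete the test file once the check is done.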