- i can ping the ip and the domain.local from the opensuse TW box
- i can ssh on the machine from the opensuse TW box
- said machine has nginx up and running and a web interface, the web ui redirect from http to https using a self signed certificate and it can be accessed from other computers(windows7) by simply adding on firefox a certificate exception
- from the opensuse TW box i cant access the web interface using the ip or the domain.local
what is happening in this case ?
It would help if you could post the commands and their output in order to
convey the situation as completely as possible. For example, what does
“local ip” mean? I thought at first you meant an IP on your openSUSE box
itself, but now I wonder if you either mean an IP that is on your network
(another, non-technical, kind of “local”), or an IP that is resolved-to by
the name ‘local’ (a DNS thing). The nuances matter.
Being able to ping does a test at layer three (3), but that has nothing to
do with layer four (4) other than being a foundation for it. Better tools
for testing TCP include netcat, or in your case with HTTP data try using curl:
netcat -zv ip.address.goes.here 80 #possibly use 'nc' instead of 'netcat'
netcat -zv ip.address.goes.here 443
curl -v http://ip.address.goes.here/
curl --insecure -v https://ip.address.goes.here/
Hopefully the output from the commands above will help us. Another option
is to go to the target system and see what it shows in its logs, perhaps
/var/log/messages or /var/log/firewall, when you try to connect.
If you find this post helpful and are logged into the web interface,
show your appreciation and click on the star below.
If you want to send me a private message, please let me know in the
forum as I do not use the web interface often.
For example, what does “local ip” mean?
netcat -zv 192.168.2.70 443
netcat: connect to 192.168.2.70 port 443 (tcp) failed: Connection refused
url -v http://192.168.2.70
* Rebuilt URL to: http://192.168.2.70/
* Trying 192.168.2.70...
* TCP_NODELAY set
* connect to 192.168.2.70 port 80 failed: Connection refused
* Failed to connect to 192.168.2.70 port 80: Connection refused
* Closing connection 0
curl: (7) Failed to connect to 192.168.2.70 port 80: Connection refused
now i am extremely confused
tail /var/log/firewalld 2018-05-30 10:17:41 ERROR: UNKNOWN_INTERFACE: 'eno1' is not in any zone
that is old and the network interface got placed on homezone
“Connection refused” means that you’re successfully <attempting> to make a connection but the remote machine (your webserver) is actively denying the connection.
Do you have some kind of restriction configured, like only certain IP addresses can connect (ie some kind of machine or webserver security configuration)?
Assume you don’t have some other kind of security software installed like a reverse web proxy?
Depending on how your FF security is set up, have you installed the website certificate in your openSUSE FF?
Have you tested <without> SSL?
You might be able to get more information if you do a tcpdump on your server and inspect your nginx logs.
You also posted a couple entries from your firewalld, one being an error but you don’t describe your firewall setup (particularly interfaces and zones) in any way. Hard to make sense of that without outright speculation.
on the windows7 machine via chrome everything works OK(only need to confirm on the ssl error warning) and that is driving me crazy
i give up on this, sorry for making you lose time on this :X