stackerman's picture

I have been running a TKRedmine instance internally for some time in a DMZ area.  We now want to access it off the DMZ but I can't seem to get it to answer a request to the NAT (external) address.  

 

I'm no VHost expert and certainly am barely familiar with teh Debian "sites-enabled' and sites-available files. 

 

How do I get this to answer on multiple IP addresses (local IP and an external IP request...?)

Forum: 
Jeremy Davis's picture

Is it default Redmine or have the virtual hosts been adjusted? I assume that they must have been adjusted as by default they should be able to be contacted by via IP or hostname/FQDN (assuming that the IP and/or hostname point to your Redmine server...). AFAIK in default appliance wildcards are used so that the server will respond to anything that you call it (like I say, assuming that the FQDN or IP are relevant).

If your server has been configured to use a specific hostname/FQDN and you have a local DNS possibly the easiest thing to do would be to add a new DNS entry...

Regardless you'll probably need to see how it's configured ATM. So have a look what sites are enabled:

ls /etc/apache2/sites-enabled

Then look at the relevant site(s) to see what ServerName (if any) they are looking out for and what IP they are expecting you to use (if any). I give the example of looking at the Redmine Apache 'site' (which it should be by default, although YMMV). Look at any sites that are enabled...

cat /etc/apache2/sites-available/redmine

By default they'll use wildcards instead of an IP or hostname. You could try changing the IP/servername directive in any of the sites (edit the corresponding files in /etc/apache2/sites-available). Hopefully replacing whatever is in there with an asterisk (wildcard - i.e. '*').

Before you change anything I recommend you create backups of any site files so worst case scenario you can go back to scratch...

cp /etc/apache2/sites-available/redmine /etc/apache2/sites-available/redmine-orig
Jeremy Davis's picture

And I think I may have misunderstood... I thought you were trying to get it working from inside your LAN, rather than externally via a NAT'd port forward...

If your external domain and/or IP haven't changed then it should be irrelevant what is going on in your server. AFAIK when you have a DMZ set up all traffic is sent straight to that machine. When you disable DMZ and set up port forwarding with NAT traffic on the relevant port goes to that machine. In effect it is the same situation... Only differene is that behind NAT only the ports you forward are accessible; when in a DMZ all ports are accessible...

So my guess is that there is something not quite right with your NAT config and/or some port conflict (e.g. there are 2 servers trying to use port 80 externally and there is a race and your Redmine server is losing!)

Another possibility is firewall (on your network, not on the appliance; unless of course that has been enabled... By default it's disabled).

Add new comment