Nginx proxy_bind failing
garycnew@yahoo.com
nginx-forum at forum.nginx.org
Fri Oct 30 11:15:58 UTC 2020
All:
After reviewing the iptables chains workflow, I discovered that the Nginx
Worker (100.64.8.236:12345) outside interface was associated with the OUTPUT
chain.
(192.168.0.2:12345) OUTPUT ==>
(192.168.0.154:$port) PREROUTING ==>
(100.64.8.236:12345) POSTROUTING ==>
Windows Client (192.168.0.154:$port) ==> Nginx Master (192.168.0.2:443) |
Nginx Worker (100.64.8.236:12345) ==> Upstream Desination Server
(104.27.161.206:443)
<== POSTROUTING (192.168.0.2:443)
<== PREROUTING (104.27.161.206:443)
Once adding the appropriate iptables OUTPUT rule, using the correct
interface (vlan2), the packets leaving the Nginx Worker (100.64.8.236:12345)
were then appropriately MARKed and routed to the OpenVPN Tunnel.
# iptables -t mangle -I OUTPUT -o vlan2 -p tcp -m multiport --sport 12345 -j
MARK --set-mark 0x2000/0x2000
Now, I just need to figure out the Nginx SSL Client CA Trust configuration
and we should be in business.
Hope this helps someone in the future.
Respectfully,
Gary
Posted at Nginx Forum: https://forum.nginx.org/read.php?2,289823,289847#msg-289847
More information about the nginx
mailing list