Issue with ssl cert on local network with pfSense

fred974 · March 3, 2021, 4:07pm

Hi,

I installed a nextcloud instance on my truenascore and created a NAT rule so nexcloud.mydomain.com is redirected to my nextcloud instance.

When I am outside of my network, I can access nextcloud via https://nexcloud.mydomain.com with no problem at all.

When I am at home and try to access the same url, I get invalide ssl error and chrome refuse to connect.

I have 2 LANs in my pfSense:
Lan1 is my home LAN and I have unifi AP to connect devise wirelessly
Lan2 is my office LAN and no wireless devices access it. Only wired connection.
LAN1 and LAN2 are both physical port (no vLAN)

Nextcloud is on Lan2 and is getting access via laptop on Lan1 via wireless.
The port that connect to the wifi is trunk as I have vlan for some wireless SSID too.

Could anyone please advise on how to debug this situation?

Thank you

LTS_Tom · March 3, 2021, 9:38pm

Make sure you have NAT reflection turned on and you are aceessing it vie the URL that matches the cert Network Address Translation — NAT Reflection | pfSense Documentation

fred974 · March 5, 2021, 11:35am

Thank you @LTS_Tom
I just look at my setting and It is currently set to ‘Pure NAT’ is that the correct setting?

Thank you

LTS_Tom · March 5, 2021, 1:13pm

That is what I use for my systems.

fred974 · March 5, 2021, 1:42pm

Is there any more advise you can offer in to help my situation?

LTS_Tom · March 5, 2021, 2:19pm

You could try putting in a DNS entry in pfsense so nexcloud.mydomain.com resolves to it’s local IP.

fred974 · March 7, 2021, 12:04am

@LTS_Tom I did add the DNS resolver. After a few days of pulling my hair out, I realised that I didn’t have a firewall rule allowing outgoing connection to my second LAN2 network.

All working now.

Thank you