d-bis/explorer-monorepo
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
903c03c65b953d50006bff96c4acf7eef003a130
explorer-monorepo/COMPLETE_DIAGNOSIS_SUMMARY.md

2.6 KiB
Raw Blame History

Complete Diagnosis Summary - Explorer External Access Issue

Date: 2026-01-21
Status: ROOT CAUSE IDENTIFIED

Executive Summary

Problem: explorer.d-bis.org is not accessible externally (ERR_CONNECTION_TIMED_OUT)

Root Cause: Port forwarding and firewall rules exist in UDM Pro Web UI but are NOT active in the firewall/NAT table

Solution: Enable port forwarding rules and verify firewall allow rules in UDM Pro Web UI

Complete Path Analysis

Working Components

  1. DNS: explorer.d-bis.org76.53.10.36 (correct)
  2. NPMplus: Running, listening on ports 80/443
  3. NPMplus Config: Proxy host configured correctly
  4. VMID 5000: Operational, serving HTTP 200
  5. Proxmox Firewall: Not blocking (disabled)
  6. Internal Path: Working (NPMplus → VMID 5000 = HTTP 200)

Broken Components

  1. UDM Pro Port Forwarding: Rules NOT active in NAT table
  2. UDM Pro Firewall: No allow rules for 192.168.11.166

Diagnosis Results

Port Forwarding (NAT Table)

Status: ❌ NOT ACTIVE
Issue: No DNAT rules found for 76.53.10.36:80/443

Firewall Rules

Status: ❌ MISSING
Issue: No ACCEPT rules found for 192.168.11.166:80/443

Fix Required

Critical Actions:

  1. Enable Port Forwarding Rules

    • UDM Pro Web UI → Settings → Firewall & Security → Port Forwarding
    • Enable rules for 76.53.10.36:80/443
    • Save and wait 30 seconds

  2. Verify Firewall Allow Rules

    • UDM Pro Web UI → Settings → Firewall & Security → Firewall Rules
    • Ensure "Allow Port Forward..." rules exist
    • Move allow rules to top of list
    • Save and wait 30 seconds

Expected Results After Fix

  • NAT table will show DNAT rules for 76.53.10.36
  • Firewall will show ACCEPT rules for 192.168.11.166
  • External access will work (HTTP 200)
  • explorer.d-bis.org will be accessible

Verification Commands

After making changes, verify:

# SSH to UDM Pro
ssh OQmQuS@192.168.11.1

# Check NAT rules (should show DNAT now)
sudo iptables -t nat -L PREROUTING -n -v | grep "76.53.10.36"

# Check firewall rules (should show ACCEPT now)
sudo iptables -L FORWARD -n -v | grep "192.168.11.166"

# Test external access
curl -v http://76.53.10.36
curl -v https://explorer.d-bis.org

Files Created

  1. UDM_PRO_DIAGNOSIS_REPORT.md - Complete diagnosis report
  2. UDM_PRO_FIX_REQUIRED.md - Detailed fix instructions
  3. UDM_PRO_COMPLETE_DIAGNOSIS.sh - Diagnosis script
  4. COMPLETE_DIAGNOSIS_SUMMARY.md - This summary

Status: DIAGNOSIS COMPLETE - FIX REQUIRED IN UDM PRO WEB UI

Reference in New Issue View Git Blame Copy Permalink