nginx accepts local network connection but not external, NATed

Question

I have an Ubuntu 16.04.3 LTS, with 2 network interfaces ***.20 and ***.30

External connections to 80,443,25,995 are port-forwarded by the router to ***.30 interface.

Synopsis:

nginx DOESN'T work (no connection accepted) when I try to open any page from outside.

Checked:

nginx works(ie accepts connections, shows front page) when opening in browser http://***.30/ and https://***.30/
works when I shut down nginx and run sudo ncat -l ***.30 80 and telnet mydomain.com 80 from outside: can see my typing on both sides. I think that wets the dns+port-forwarding+iptables.

Questions:

What else could I check? Any pointers? Can I assume correct nginx config from the fact the page opens from local ***.30 interface ?

Dumps, edited

Running nginx:

nginx version: nginx/1.13.6
built by gcc 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.4)
built with OpenSSL 1.0.2g  1 Mar 2016
TLS SNI support enabled

netstat:

Proto Recv-Q Send-Q Local Address Foreign Addr State       PID/Program name
tcp        0      0 ***.30:25     0.0.0.0:*    LISTEN      5150/nginx: master
tcp        0      0 ***.30:443    0.0.0.0:*    LISTEN      5150/nginx: master
tcp        0      0 ***.30:995    0.0.0.0:*    LISTEN      5150/nginx: master
tcp        0      0 ***.30:80     0.0.0.0:*    LISTEN      5150/nginx: master
tcp        0      0 ***.20:80     0.0.0.0:*    LISTEN      5150/nginx: master

iptables:

ACCEPT tcp -- anywhere ***.30  tcp dpt:http
ACCEPT tcp -- anywhere ***.30  tcp dpt:https
ACCEPT tcp -- anywhere ***.30  tcp dpt:smtp
ACCEPT tcp -- anywhere ***.30  tcp dpt:pop3s

I see nothing - `telnet` connection is not accepted and times out in ~30s. — Michal Kupczyk, Nov 18 '17 at 16:35

nginx accepts local network connection but not external, NATed

Synopsis:

Checked:

Questions:

Dumps, edited

0 Answers0