d-bis/explorer-monorepo
4
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
43a7b88e2a7981e28cacdcd9715342b781a5f10c
explorer-monorepo/NETWORK_CONNECTIVITY_ISSUE.md

3.0 KiB
Raw Blame History

Network Connectivity Issue - NPMplus Not Reachable

Date: 2026-01-21
Issue: NPMplus (192.168.11.166) not reachable from 192.168.11.4, but working internally

Current Status

Working:

  • Container is running
  • Ports 80/443 are listening inside container
  • Ping works (ICMP)
  • NPMplus responds from inside container

Not Working:

  • TCP connections from 192.168.11.4 → 192.168.11.166:80/443 → Connection refused
  • This suggests a firewall or network policy blocking TCP

Analysis

Connection Refused (not timeout) typically means:

  1. Service is not listening on that interface
  2. Firewall is actively rejecting connections
  3. Network policy is blocking TCP traffic

Since:

  • Service IS listening (verified inside container)
  • Ping works (ICMP allowed)
  • TCP connections refused

Conclusion: Firewall or network policy is blocking TCP traffic to 192.168.11.166

Possible Causes

1. Container Firewall

  • Container may have firewall rules blocking incoming connections
  • Check: pct exec 10233 -- iptables -L -n -v

2. Host Firewall

  • Proxmox host firewall may be blocking
  • Check: iptables -L -n -v on r630-01

3. UDM Pro Firewall

  • UDM Pro may have rules blocking internal → internal TCP
  • Check firewall rules for internal network restrictions

4. Network Segmentation

  • VLAN or network policy may be blocking
  • Check network configuration

Fix Steps

Step 1: Check Container Firewall

ssh root@r630-01
pct exec 10233 -- iptables -L -n -v

If blocking rules found:

  • Add allow rules for ports 80/443
  • Or disable container firewall if not needed

Step 2: Check Host Firewall

ssh root@r630-01
iptables -L -n -v | grep 192.168.11.166

If blocking rules found:

  • Add allow rules for 192.168.11.166:80/443
  • Or adjust firewall policy

Step 3: Check UDM Pro Internal Rules

UDM Pro may have rules blocking internal → internal traffic:

  • Check firewall rules for Internal → Internal policies
  • Ensure TCP traffic is allowed between internal IPs

Quick Test

Test from different internal IP to see if it's specific to 192.168.11.4:

# From another internal device
curl -v http://192.168.11.166 -H "Host: explorer.d-bis.org"

Impact on External Access

Important: Even if internal access doesn't work, external access might still work if:

  • Port forwarding rules are active
  • External → Internal firewall rules allow traffic
  • UDM Pro routes external traffic differently than internal traffic

The real test is external access from the internet.

Summary

Issue: Internal access to NPMplus blocked (likely firewall)

Impact:

  • Internal testing from 192.168.11.4 won't work
  • External access may still work (needs testing)

Next Steps:

  1. Check and fix firewall rules
  2. Test external access (most important)
  3. If external works, internal issue is separate

Status: ⚠️ INTERNAL ACCESS BLOCKED - TEST EXTERNAL ACCESS

Reference in New Issue View Git Blame Copy Permalink