× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Orbi WiFi 7 RBE973
Reply

Re: GSS180E Switch + Rev Proxy Error: ERR_HTTP2_SERVER_REFUSED_STREAM

netmind
Aspirant

GSS180E Switch + Rev Proxy Error: ERR_HTTP2_SERVER_REFUSED_STREAM

I'm got my GSS108E managed switch set up behind a reverse proxy that is providing https.

 

I can load up the log in page but will get an after entering in the password and submitting:

 

The webpage at https://ng_switch/login.cgi might be temporarily down or it may have moved permanently to a new web address.

ERR_HTTP2_SERVER_REFUSED_STREAM

 

Unfortunately it doesn't seem the GSS180E has any logging so I can't troubleshoot what is going on.  I've tried to play around with the (pfsense) reverse proxy settings to enable the Forwardfor header but this didn't have any effect.  The reverse proxy logs just show that the request is forwarded to the GSS108E's login.cgi but no further details.

 

Anyone know how to configure the GSS108E or similar with a reverse proxy? Or at least enable https on the GSS108E directly?

Message 1 of 3
schumaku
Guru

Re: GSS180E Switch + Rev Proxy Error: ERR_HTTP2_SERVER_REFUSED_STREAM


@netmind wrote:

Anyone know how to configure the GSS108E or similar with a reverse proxy?


Start the adventure of bringing a random unknown Web application to a reverse proxy by using plain http - easier to find the areas the GSS108E does struggle. Adding some additional virtual path (or a correct mapping) is likely required.

 

The message itself is coming from your unknown proxy server implementation, probably related to either Apache or Nginx using the HTTP/2 standard. You might get more solution oriented assistance talking to a group more fluent on implementing (reverse) proxies. 

 


@netmind wrote:

Or at least enable https on the GSS108E directly?


Not possible, a common limitation coming from the simple implementation allowing to implement a basic Web UI on a 8051-style low power uController.

 


@netmind wrote:

I'm got my GSS108E managed switch set up behind a reverse proxy that is providing https.


Here again, ways off from a fully managed switch. These are configurable devices, built on an unmanaged core, implementing both a simple L2 Netgear Switch Discovery Protocol (NTDS) plus a very basic Web UI on a tiny uC. which is also in charge for monitoring network activity and handle ICMP Multicast.

Message 2 of 3
netmind
Aspirant

Re: GSS180E Switch + Rev Proxy Error: ERR_HTTP2_SERVER_REFUSED_STREAM

Thanks for the response.  I'm using pfsense/haproxy in case it wasn't clear.  Trying the pfsense forums too but understandably same advice there "seems like netgear doing some weird things, try the forums there..."

 

I hear where your coming from but tbh disappointed/surprised this hasn't been sorted out.  I mean I using an ancient asus RT-N66U with openwrt as a backup switch and it's capable of https directly &/or or playing nicely behind pfsense/haproxy.  Is https &/or rev proxy really a exotic / high end thing?  Hell https on its way to become mandatory...

 

The strange thing is the GSS108E login page is able to load, which suggests the basic rev proxy configuration is ok.  I dug around some more and seems like the login page does some redirect / hidden frames / set some headers:

 

function RedirectToLoginPage()
{
top.location.href = "/login.cgi";
}
</script>
</head>
<body onload="RedirectToLoginPage();">
</body>
</html>
HTTP/1.1 200 OK
Connection: close
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Type: text/html
Cache-Control: no-cache
Expires: -1

Message 3 of 3
Top Contributors
Discussion stats
  • 2 replies
  • 297 views
  • 0 kudos
  • 2 in conversation
Announcements