× Attn: Nighthawk Pro Gaming members, we have recently released firmware to address a critical security vulnerability. For more information click here. .
× NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Orbi WiFi 7 RBE973
Reply

Cannot access self-hosted domains after updating to V2.7.2.104

dtskip
Guide

Cannot access self-hosted domains after updating to V2.7.2.104

I self-host a Nextcloud server among other things on a domain I purchased. But since updating my Orbi from V2.5.1.16 to V2.7.2.104, those domains simply do not load anymore, unless I connect to a VPN. They work fine from outside the network, but not from within my own network. What gives?

 

I can only conclude this is a problem from the Orbi, but have no idea where I should be looking.

Model: RBR50|Orbi AC3000 Tri-band WiFi Router
Message 1 of 9
FURRYe38
Guru

Re: Cannot access self-hosted domains after updating to V2.7.2.104

Revert back to v16? 

Message 2 of 9
CrimpOn
Guru

Re: Cannot access self-hosted domains after updating to V2.7.2.104

Have you tried connecting using the Orbi public IP address, rather than the Domain Name?

Message 3 of 9
dtskip
Guide

Re: Cannot access self-hosted domains after updating to V2.7.2.104


@FURRYe38 wrote:

Revert back to v16? 


Not an option. I had enough trouble with the last nightmare of downgrading firmware. It just goes into an endless loop of "Please wait" when trying to downgrade the router.

Message 4 of 9
dtskip
Guide

Re: Cannot access self-hosted domains after updating to V2.7.2.104


@CrimpOn wrote:

Have you tried connecting using the Orbi public IP address, rather than the Domain Name?


Yes, and it works with some of my docker containers, but not Nextcloud, which always redirects to the domain. That's how I prefer it too, so I only have to connect to a single domain whether I'm connected to my home network or not.

 

I want to find the problem this firmware update caused which seems to be blocking my personal domain.

Message 5 of 9
CrimpOn
Guru

Re: Cannot access self-hosted domains after updating to V2.7.2.104

I am struggling to come up with an experiment to reproduce the issue.  Probably because of not understanding how NextCloud and "domains" work.  (one sentence said "domain I purchased" and another said "those domains".  Are there more than one domain?

 

 I found this guide on running NextCloud:

https://docs.nextcloudpi.com/en/how-to-access-from-outside-your-network/ 

 

Is this even close to what is going on:

  • There is a Linux server on the local network running NextCloud, which listens for connections on ports 80 and 443.
  • On the Orbi router, ports 80 and 443 are forwarded to the server
  • At either My-IP.com or Dyn.com a domain name is associated with the public IP of the Orbi.
    (I sense a potential issue here because Orbi's DDNS works with either My-IP.com or Dyn.com and NextCloud talks about using either My-IP.com or FREEDNS.  Which are you using?)

I seem to recall there being issues with forwarding port 443 through the Orbi.  (Probably not remembering correctly.)

Message 6 of 9
dtskip
Guide

Re: Cannot access self-hosted domains after updating to V2.7.2.104


@CrimpOn wrote:

I am struggling to come up with an experiment to reproduce the issue.  Probably because of not understanding how NextCloud and "domains" work.  (one sentence said "domain I purchased" and another said "those domains".  Are there more than one domain?

 

 I found this guide on running NextCloud:

https://docs.nextcloudpi.com/en/how-to-access-from-outside-your-network/ 

 

Is this even close to what is going on:

  • There is a Linux server on the local network running NextCloud, which listens for connections on ports 80 and 443.
  • On the Orbi router, ports 80 and 443 are forwarded to the server
  • At either My-IP.com or Dyn.com a domain name is associated with the public IP of the Orbi.
    (I sense a potential issue here because Orbi's DDNS works with either My-IP.com or Dyn.com and NextCloud talks about using either My-IP.com or FREEDNS.  Which are you using?)

I seem to recall there being issues with forwarding port 443 through the Orbi.  (Probably not remembering correctly.)


I didn't bother providing the extra information because I was hoping someone might be able to pinpoint a known issue in the latest firmware update. Looks like that window is shut.

 

Basically I have an Unraid Server connected to my Orbi Router via Ethernet. On this server I run several containers, including about 4-5 configured with a Reverse Proxy (LetsEncrypt/Nginx) and my custom domain (for example, mydomain.org). With Nextcloud, I have it configured as a subdomain (nextcloud.mydomain.org).

 

Of course, all of these docker containers have a local gateway, which comes in the form of my server's local IP+port, but I prefer accessing Nextcloud through my custom domain for a variety of reasons. For some reason however, upgrading to the latest Orbi firmware appears to have the effect of blocking my custom domain, even though my internet still works perfectly well, and I can access my custom domain from outside my network, and through a VPN.

 

As if things couldn't get anymore confusing: after running some more tests, I can now conclude this problem only occurs with devices connected to the Orbi via ethernet cable. In other words, the PC I'm typing this from cannot connect to the custom domains, but my phone and laptop connected to the Orbi via Wi-Fi can. If I connect my Laptop via Ethernet to the Orbi, it no longer works. I am honestly baffled.

Message 7 of 9
CrimpOn
Guru

Re: Cannot access self-hosted domains after updating to V2.7.2.104

I feel like I've just taken off my training wheels and the subject is now Motocross.

 

My framework is so primitive.

  • An app on the computer wants nextcloud.mydomain.org and
  • Looks in the local DNS cache for the IP address.  oops. not there.
  • Sends a DNS query
    (which ordinarily would go to the Orbi, but sometimes people enter static DNS servers)
  • That server looks in the DNS cache, oops. not found, and
  • Sends the query to wherever it resolves DNS
  • Eventually, the domain name is resolved to the public IP of the Orbi router.
  • The Orbi gets this connection request and forwards it to the LAN IP of this monster server.
  • The server is able to satisfy modern software requirements because it generates suitable SSL certificates.
    (LetsEncrypt/Nginx)

When a device connected over WiFi does this, it works correctly.

When a device elsewhere on the internet does this, it works correctly.

When a device runs VPN software to tunnel out through the Orbi and bypass DNS, etc., it works correctly.

(Using OPenVPN to reach the Orbi LAN is outside the scope of this discussion, correct?)

Only when a device is connected with ethernet, it fails.

 

I have no clue.  Guess I would put an entry in the local DNS table that points to the local server.  The only alternatives I see are (a) pay Gearhead to open a support ticket, which I have absolutely no expectation would result in anything worthwhile, or (b) do that tedious reinstall of a firmware version that was known to work.

Message 8 of 9
CrimpOn
Guru

Re: Cannot access self-hosted domains after updating to V2.7.2.104


@CrimpOn wrote:

Guess I would put an entry in the local DNS table that points to the local server.


Which, of course, is the "hosts" file, except that the world is conspiring to make that no longer work the way it already has:

https://www.liquidweb.com/kb/dns-hosts-file/ 

I had not remembered that Firefox has abandoned DNS entirely (by default). That article claims the other browsers have not, but that was written in 2020.

Message 9 of 9
Top Contributors
Discussion stats
  • 8 replies
  • 1427 views
  • 0 kudos
  • 3 in conversation
Announcements

Orbi 770 Series