Certbot
-
we dont have one. its just rose.internal
-
You need to create one. That's what allows you to use different, internal IPs for that roseradiology.com domain while inside your network.
that's what makes split horizon DNS.
-
@Dashrender But Why? Why host any roseradiology.com DNS locally? Speed?
-
@aaronstuder I am confused here, too. I don't see where the benefit is in this setup.
-
@StrongBad The only thing I can think of is speed? Maybe it's a bit faster? However many routers have loopback NAT, so no difference there.
-
@wirestyle22 Can you start a new topic? It's hard to keep track here.
-
@alex-olynyk remove roseradiology.com from your local DNS complerely, then try again after flushing DNS. I bet it works.
-
@aaronstuder removed and flushed but no change
-
@alex.olynyk Did you remove all records, or just the owncloud one? You have to remove the whole domain.
-
Unless I completely misunderstood something in the beginning, the OP indicated that he had roseradiology.com on his internal DNS as well. So working from that, I gave the above response.
Now that we see that he does not have that already in place, I would agree, avoid it if at all possible - but you have to make sure things work first.
This means making sure his firewall/router supports hairpin routing.
It works as follows:
an internal client makes a request for the IP to OC.roseradiology.com, which is responded to from the internet DNS server with an IP on his firewall (assuming the OP is using NATing).
The client then tries to connect to that IP, which is on the outside of his firewall.
The firewall gets a packet and realizes that it has a rule that says this packet needs to go back inside the network to the designated internal IP (cisco PIX firewalls can NOT do this). Assuming this works - the traffic is sent back inside the network
and all is fine. -
@aaronstuder
removed domain -
@Dashrender things do work if I use 2 different URL's
-
@alex.olynyk said in Certbot:
@Dashrender things do work if I use 2 different URL's
How does file sharing work that way?
-
dont know. havent put into production yet
-
@alex.olynyk said in Certbot:
dont know. havent put into production yet
LOL, so how do you know that things will work
The links that are generated by the system will only work to one or the other group (internal or external) is the expectation. -
honestly dont know, this has been placed in my lap to get working
-
OK @alex-olynyk did add roseradiology.com, but not in the correct place. As such, it never worked as desired.
-
@alex-olynyk
now that you've removed that, what do you get when you ping owncloud.roseradiology.com? -
-
is that IP address on your firewall?
