IP based binding

    Hello eveyone :)


    Lately I have been playing around with my OMV NAS (running on a HP MicroServer Gen 8).
    I have been setting up all the plugin nicely so that SickBeard, CouchPotato and Headphones interact with the folders where Tranmission and Sabnzbd stored the downloads.


    As I'm a big fan of HTTPS and I do want all the connections to be encrypted, even in the home network, I was wondering few things:
    - Is it possible to bind the OMV Web UI to a single IP instead of to both the IP's (have got 2 NICs)?
    - Assuming the above is possible, would it be possible to bind the plug-ins mentioned above to the 2nd NIC and enforce HTTPS for these as well?


    Ideally what I would like to achieve is:
    - NIC 1 is dedicated to OMV Web UI (port 443) and published to internet using one certificate
    - NIC 2 is dedicated to plug-ins web interfaces (ports 8080, 5050, 8081, 9091) again, over SSL using a different certificate.


    Would this be something already attempted and if so, is there any direction I can follow?


    Thank you,
    Tommy

    HP MicroServer Gen 8
    HP DL360e Gen 8 + HP StorageWorks D2700

    HP DL380e Gen 8 + HP StorageWorks D2600

    Possible? Yes. But not with the current state of the plugins.


    No directions to follow because everything you would do via CLI would be reversed on every update.


    Greetings
    David

    "Well... lately this forum has become support for everything except omv" [...] "And is like someone is banning Google from their browsers"


    Only two things are infinite, the universe and human stupidity, and I'm not sure about the former.

    Upload Logfile via WebGUI/CLI
    #openmediavault on freenode IRC | German & English | GMT+1
    Absolutely no Support via PM!

    It looks like this server is being used at home. There is no reason to use ssl within your LAN at home and it would decrease the speed of connections.


    I don't get what you are trying to achieve with this setup. I think the 2nd NIC would be better used for link aggregation.

    Thanks davidh2k & tekkb for yor reply.


    Yes, you're correct, this server is indeed used in a home scenario and I'm pretty much the only user.
    I anyway like the fact of taking advantage of SSL when possible. Especially since I'm making my NAS available on internet.
    And since I got a clone of my home NAS running on Azure to which I indeed connect over untrusted networks.


    As the above setup is unpractical and would be overwritten at every update, I have just posted another question on a separate thread (around using nginx as a reverse [SSL] proxy).
    If I were to use such a workaround, theoretically it should be transparent during upgrades as the plugin would be independent form the reverse proxy (performed instead on nginx).
    So, if I get this right, the plugin will still listen, let's say on port 9091 after the upgrade and nginx would receive an incoming connection from HTTPS 19091 to HTTP 9091.


    Thanks,
    Tommy

    HP MicroServer Gen 8
    HP DL360e Gen 8 + HP StorageWorks D2700

    HP DL380e Gen 8 + HP StorageWorks D2600

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!

Benutzerkonto erstellen Anmelden