New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

jumpserver-0.3.3外网访问问题 #909

Closed
JinLongA opened this Issue Jan 12, 2018 · 3 comments

Comments

Projects
None yet
3 participants
@JinLongA

JinLongA commented Jan 12, 2018

我在内网安装得jumpserver 公网路由得80端口映射到内网得一个nginx上 然后用域名转发到这一台jumpserver上 添加的资产也都是内网网段得 请问如果配置nginx转发
image
image

@JinLongA

This comment has been minimized.

Show comment
Hide comment
@JinLongA

JinLongA Jan 12, 2018

在内网访问jumpserver得时候 就可以连接上资产 外网连接不上

JinLongA commented Jan 12, 2018

在内网访问jumpserver得时候 就可以连接上资产 外网连接不上

@ibuler

This comment has been minimized.

Show comment
Hide comment
@ibuler

ibuler Jan 15, 2018

Member

保证jumpserver与资产之间网络是可达的

Member

ibuler commented Jan 15, 2018

保证jumpserver与资产之间网络是可达的

@wojiushixiaobai

This comment has been minimized.

Show comment
Hide comment
@wojiushixiaobai

wojiushixiaobai Jan 16, 2018

Collaborator

proxy_pass 错误,把8000去掉。
server name 与proxy_pass 的 doman name 应该一致才对,要想外网加端口访问的话,应该是在 proxy_set_header Host 里面设置才对。

upstream jms.domain.com {
server 10.10.0.100:8080;
}
server {
listen 80;
server_name jms.domain.com;

    location / {
            proxy_pass http://jms.domain.com;     
            proxy_set_header    Host             $host;
            proxy_set_header    X-Real-IP        $remote_addr;
            proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
            proxy_set_header    HTTP_X_FORWARDED_FOR $remote_addr;
            proxy_redirect      default;
    }

}

另外如果还需要使用 ssh ,需要映射后端 jms 的2222端口到外网
通过网页,需要映射后端 jms 的5000端口到外网

Collaborator

wojiushixiaobai commented Jan 16, 2018

proxy_pass 错误,把8000去掉。
server name 与proxy_pass 的 doman name 应该一致才对,要想外网加端口访问的话,应该是在 proxy_set_header Host 里面设置才对。

upstream jms.domain.com {
server 10.10.0.100:8080;
}
server {
listen 80;
server_name jms.domain.com;

    location / {
            proxy_pass http://jms.domain.com;     
            proxy_set_header    Host             $host;
            proxy_set_header    X-Real-IP        $remote_addr;
            proxy_set_header    X-Forwarded-For  $proxy_add_x_forwarded_for;
            proxy_set_header    HTTP_X_FORWARDED_FOR $remote_addr;
            proxy_redirect      default;
    }

}

另外如果还需要使用 ssh ,需要映射后端 jms 的2222端口到外网
通过网页,需要映射后端 jms 的5000端口到外网

@ibuler ibuler closed this Mar 8, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment