NGINX - Redirecting works, proxy pass doesn't

Question

So i'm trying to set up a reverse proxy and I've come across a weird error: When I redirect the user everything works fine, but when I use proxy_pass (like I need) I get a "502 Bad Gateway error".

Code:

server { #banca empresas HTTP

            listen 80;

            server_name emp.baiq.pt www.emp.baiq.pt;

            rewrite ^ https://$server_name$request_uri? permanent;

    }

    server { #banca empresas HTTPS

            listen 443;

            server_tokens off;

            server_name emp.baiq.pt www.emp.baiq.pt;

            add_header X-Frame-Options SAMEORIGIN;
            add_header X-Content-Type-Options nosniff;
            add_header X-XSS-Protection "1; mode=block";

            ssl_certificate /etc/nginx/certs/*.baiteste.pt.crt;
            ssl_certificate_key /etc/nginx/certs/*.baiteste.pt.key;

            location / {
                    #proxy_pass http://192.168.1.78:8081/login.htm?origin=E;
                    return 301 http://192.168.1.78:8081/login.htm?origin=E;
            }

            #error_page 500 502 503 504 /maintenance_page/index.html;

            location = /maintenance_page/index.html {
                    root html;
            }

            location = /favicon.ico {
                    log_not_found off;
            }

            access_log /var/log/nginx/emp.baiq.pt.access.log;

    }

After capturing traffic I found out that the peer, after the 3-way handshake is completed, immediately closes the connection once it receives the http-request.

So, what could be causing this error?

Error log file

2019/07/24 08:25:40 [error] 24506#24506: *2 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: x.x.x.x, server: mydomain.com, request: "GET / HTTP/1.1", upstream: "http://y.y.y.y:8081/", host: domaintoaccess.com

Thank you

What is the peer's configuration? What does its log files tell? — Tero Kilkanen, Jul 23 '19 at 19:07
Nothing conclusive. After checking the requests (access with proxy_pass and access with browser) they are exactly the same, only difference is the task numbers — EngineerWannabe, Jul 24 '19 at 08:45

score 0 · Answer 1 · answered Jul 24 '19 at 09:48

0

So after about 2 days of thinking about this (and with some help) I/we found out that it was a routing problem. The firewalls seem to be quietly dropping the packets for this communication for some reason (we don't have any rules that do this).

answered Jul 24 '19 at 09:48

EngineerWannabe

3
2

NGINX - Redirecting works, proxy pass doesn't

1 Answers1