sandstorm icon indicating copy to clipboard operation
sandstorm copied to clipboard

Published 20 hours ago verified publisher icon sandstorm-io

Cannot connect to subdomain to complete setup

Open WillyT59 opened this issue 4 years ago • 8 comments

After installing, I tried to complete setup using the provided URL. The server just times out. To correct, I have tried stopping, starting and generating a new admin token. To no avail. The subdomain is 'fides'. Installation is on Ubuntu 20.04.1 LTS

WillyT59 avatar Jan 26 '21 14:01 WillyT59

fides.sandcats.io appears to resolve to an IP address correctly. What does your sandstorm.conf file look like? Is this on a public cloud service, or do you have a router or firewall that needs port forwarding?

ocdtrekkie avatar Jan 26 '21 14:01 ocdtrekkie

installation is on ubuntu running on my mac desktop pro using virtualbox

WillyT59 avatar Jan 26 '21 14:01 WillyT59

here's the conf file:

SERVER_USER=sandstorm PORT=80 MONGO_PORT=6081 BIND_IP=0.0.0.0 BASE_URL=https://fides.sandcats.io WILDCARD_HOST=*.fides.sandcats.io UPDATE_CHANNEL=dev ALLOW_DEV_ACCOUNTS=false SMTP_LISTEN_PORT=25 SANDCATS_BASE_DOMAIN=sandcats.io HTTPS_PORT=443

WillyT59 avatar Jan 26 '21 15:01 WillyT59

So you probably need to look at a few issues: Ensuring that traffic from the Internet on port 443 is forwarded by your router to your Mac Pro, and also that that traffic is then, in turn, routed to Virtualbox. An additional consideration if it's a home Internet connection, such as Comcast, using ports 80 and 443 may be blocked by your ISP, so you may want to configure alternative ports.

ocdtrekkie avatar Jan 26 '21 15:01 ocdtrekkie

thanks . . . will have a look and report back here

WillyT59 avatar Jan 26 '21 15:01 WillyT59

should I be able to access the setup page using a freshly generated token URL directly from a browser on my Mac? (that is, not from a browser in the VM)

WillyT59 avatar Jan 26 '21 15:01 WillyT59

When I ping fides.sandcats.io I get 174.192.197.212 If you ping fides.sandcats.io from your Mac, do you get some kind of internal network IP address like 10.something or 192.168.something, or the same public address I got? If you get the public address, then the traffic is still going out from your Mac and back through your home firewall and you need the port forwarding set up to allow public internet traffic on port 443 to go to your Ubuntu VM on port 443.

Michael-S avatar Jan 26 '21 16:01 Michael-S

Also, I have a Comcast "xFi" cable modem/router and when I enabled the router feature, my sandcats subdomain stopped being accessible inside or outside my network even with port forwarding. I had to put the cable modem into "bridge" mode, which disables the router feature, and use my own separate router/firewall with port forwarding.

If you have Comcast for internet service, I can explain what went wrong with their router features.

Michael-S avatar Jan 26 '21 16:01 Michael-S