RV325 SSL Website Errors

sspivey · ‎12-31-2018

I am hosting a Wordpress site on an internal Linux server that now needs to be accessible by users outside of my network. I have configure the WP site with SSL certs and have confirmed those certs are working properly. I can access the sites from my internal subnet, I have them configured in the DNS Local Database, with no problem. But as soon as I attempt to access the site from outside my network, I get cert errors. I have gone through multiple configuration steps in an attempt to resolve the issue, turning off the firewall completely is one of them. But I cannot get this to work.

Because I can access the SSL site when it is listed in the DNS Local Database without a problem, but cannot access it otherwise, it makes me believe I have a configuration issue with the router/firewall. I have searched through the discussion threads also but have not found a thread that resolves my issue.

Georg Pauwen · ‎12-31-2018

Hello,

what is the URL of the website ?

If you enable the firewall and allow HTTPS (page 77 of the attached guide) it doesn't work I guess ?

A lot of times these seemingly illogical problems with small business devices is the firmware. Just make sure you are running the latest version, release 1.4.2.19.

https://www.cisco.com/c/dam/en/us/td/docs/routers/csbr/rv320/administration/guide/en/rv32x_ag_en.pdf

sspivey · ‎12-31-2018

The website is https://asystyoutech.com

I have HTTPS enabled in the firewall settings and also confirmed I am running the latest firmware.

One thing I am wondering is does the SSL cert I am using to access the admin GUI of the router have any impact on this? I am just using a self signed cert because I am only accessing this from internal subnet. I don't really know enough about SSL certs on routers/firewalls to understand if this is an issue or not.

Georg Pauwen · ‎12-31-2018

Hello,

attached is what I get...

Georg Pauwen · ‎12-31-2018

Hello,

looks like OpenDNS has flagged your site as infected with malware.

You could open a support ticket with Umbrella (right top corner) and find out why your site is being blocked. One thing, it is not the RV325 blocking the site.

https://support.umbrella.com/hc/en-us

sspivey · ‎12-31-2018

Yes I was just reading that in the screenshot you posted. How did you determine that? I have searched everywhere I know of and could not get that detail.

Thanks for the information though. That will be extremely helpful.

Georg Pauwen · ‎12-31-2018

Hello,

I might be getting a different message since I am accessing your site from the outside...

Hopefully Umbrella can at least tell you why they are blocking the site...

Happy New Year !

sspivey · ‎12-31-2018

Ok I just pulled this from an external server I manage and this is the error message I am getting. The Issuer is the same as the self signed SSL cert on the RV325 I am running.

I seems that must be at least part of the problem. OpenDNS sees this cert an invalid. So now I need to figure out how to install a legitimate SSL cert on my router.

sspivey · ‎12-31-2018

I've made some more progress now and the problem definitely seems to be the router. Even though I couldn't see any reason to add the SSL cert to the router, I created the necessary .PEM files and added the cert for asystyoutech.com and asystyoumarketing.com to the certificate management section of the router.

Then I was able to get Firefox running on a machine from outside my network to honor a security exception for the site. When the page finally loads it is the configuration page for the router. I had set the remote management port in the firewall to 8443 before I started working on this, so I never assumed that would be causing an issue.

I have now disabled Remote Management altogether, but the problem still exists. Every time I attempt to access the SSL web site the router configuration screen loads. The full DNS name is resolving to that page.

It appears something in the firmware for the router is forcing remote management and it is forcing it over port 443.