Tonido, iPhone and Reverse Proxy

Support for Tonido on Mobile including iPhone, Blackberry, Android and mobile devices
enwor
Super Tonidoid
Super Tonidoid
Posts: 30
Joined: Thu Jan 27, 2011 11:22 am

Tonido, iPhone and Reverse Proxy

Postby enwor » Thu Jan 27, 2011 11:33 am

Hello,

i'm currently trying to set up tonido, which works very well. Now I have a "special" case, where i'm not sure if this is a bug or a feature.
I set up tonido behind a firewall.
As I already have a running webserver/domain on example.com:443, I have to build a reverse proxy.
So I forwarded example.com:443 to tonidoserver:10001 and example.com isdoing the ssl termination.
This works very well, I can access tonido from outside with any browser via https://example.com/..

Now the problem: when accessing tonido from my iphone tonido app, i works with http/https on tonidoid.com relay but not on https://example.com/ui... there I can login successfully, but when I try to access my files, I get the error message "Network Failure - Unable to retrieve information from Tonido Service"

Could this be a bug in the iphone app or is this a feature?
Feature meaning that ssl in the iphone app is only available when buying the ssl cert from tonido. If this is the case, can i buy the cert from tonido but continuing using my own cert (because the domain is also used for other services)?

Thank you
enwor

User avatar
madhan
Admin Tonidoid
Admin Tonidoid
Posts: 8617
Joined: Tue Dec 30, 2008 12:13 am
Location: Austin, TX, USA
Contact:

Re: Tonido, iPhone and Reverse Proxy

Postby madhan » Thu Jan 27, 2011 12:16 pm

Moving this to Tonido Mobile forums.

What URL are you using the iPhone server settings page?

enwor
Super Tonidoid
Super Tonidoid
Posts: 30
Joined: Thu Jan 27, 2011 11:22 am

Re: Tonido, iPhone and Reverse Proxy

Postby enwor » Thu Jan 27, 2011 4:38 pm

Hi madhan,

thank you for moving my post to the correct forum.
I'm using https://<mydomain>/ or https://<mydomain>:443/ on the iPhone.

Regards
enwor

rydgaze
Tonido Team
Tonido Team
Posts: 1354
Joined: Wed Jan 28, 2009 11:26 pm

Re: Tonido, iPhone and Reverse Proxy

Postby rydgaze » Thu Jan 27, 2011 7:13 pm

Now the problem: when accessing tonido from my iphone tonido app, i works with http/https on tonidoid.com relay but not on https://example.com/ui... there I can login successfully, but when I try to access my files, I get the error message "Network Failure - Unable to retrieve information from Tonido Service"

Could this be a bug in the iphone app or is this a feature?
Feature meaning that ssl in the iphone app is only available when buying the ssl cert from tonido. If this is the case, can i buy the cert from tonido but continuing using my own cert (because the domain is also used for other services)?


The iPhone App uses automatic Lan switching (if you use xxxx.tonidoid.com, but happen to be in the same LAN, then it will try to access using the http://lapip:port ). So I believe that this might be incompatible with your setup. The Certificate shouldnt be an issue (we allow self signed ceritificate from Tonido or your own) to be used to secure the access.

What happens if you just enter your LAP IP And Port https://yourtonidoid:port while connected to your wifi? does it allow you to access the data?

enwor
Super Tonidoid
Super Tonidoid
Posts: 30
Joined: Thu Jan 27, 2011 11:22 am

Re: Tonido, iPhone and Reverse Proxy

Postby enwor » Fri Jan 28, 2011 3:06 am

When using http://<tonidoserver>:10001/ from within my lan, the access works well.

So your are saying, that if my reverse proxy is in the same network as my tonido server and the requests to tonido are actually looking that they are comming from the reverse proxy and therefor out of the same network, the setup won't work?

Is there a way to disable lan switching?
If not, which network class is checked? Would it be sufficiant to put the reverse proxy to another c-class net (192.168.2.0) and leaving the tonido server in another one (192.168.1.0)?
Or do you see any other way, to get the setup working (iphone -> router/port fowarding -> ssl reverse proxy -> tonido).

Thank you
enwor

rydgaze
Tonido Team
Tonido Team
Posts: 1354
Joined: Wed Jan 28, 2009 11:26 pm

Re: Tonido, iPhone and Reverse Proxy

Postby rydgaze » Fri Jan 28, 2011 10:47 am

The way the lan switch works is that the Tonido server detects that the WAN IP is same and it sends a HTTP redirect IP (the server's local lan IP) to the iphone App and the App tries to use that. In your case, the redirect LAN IP sent by Tonido server will not be accessible if the Phone is in a different subnet of the LAN.

There is no switch provided in the app to turn off lan switching (we really didnt think of this use case :) )

enwor
Super Tonidoid
Super Tonidoid
Posts: 30
Joined: Thu Jan 27, 2011 11:22 am

Re: Tonido, iPhone and Reverse Proxy

Postby enwor » Sat Jan 29, 2011 4:18 am

I see.
So if it checks if the WAN IPs are the same, I wont have any success in using different subnets (with free routing) because I only have this single WAN IP.

So how to make a feature request? :-)
Or is this such a big change with too less effort?

Thanks
Enwor

rydgaze
Tonido Team
Tonido Team
Posts: 1354
Joined: Wed Jan 28, 2009 11:26 pm

Re: Tonido, iPhone and Reverse Proxy

Postby rydgaze » Sat Jan 29, 2011 1:42 pm

Is it not possible to allow your router to allow iphone to be assigned an IP in the same subnet as your Tonido server?

I can look into providing a switch to turn off lan switching in newer release if the changes are not too cumbersome.

enwor
Super Tonidoid
Super Tonidoid
Posts: 30
Joined: Thu Jan 27, 2011 11:22 am

Re: Tonido, iPhone and Reverse Proxy

Postby enwor » Sun Jan 30, 2011 7:20 am

A switch to disable LAN switching would be great.
Assigning an IP from the same subnet to the iPhone would be complicated, as I'm accessing the local net from outside (ex 3G). Therefor he hazzle with the ssl reverse proxy.
I try to figure out if there's a way to configure the ssl reverse proxy as a transparent proxy, but as far as I know this isn't possible, the backends will always see the proxy.
So indeed the simplest way would be to allow turning off LAN switching.


Return to “Tonido on Mobile”

Who is online

Users browsing this forum: No registered users and 3 guests