Accessing Graylog Externally

(Liam Sullivan) #1

Hi

I’m running a single-node setup of Graylog 3.0.1, built on CentOS 7.5. I have set up an Apache reverse proxy, which is where I am terminating SSL connections. The SSL cert is not self-signed. The conf file for the reverse proxy is as follows:

<VirtualHost *:80>
ServerName lcmgraylog.lcm.ac.uk
Redirect permanent / https://my.graylog.url/
</VirtualHost>

<VirtualHost *:443>
    ServerName https://my.graylog.url/
    ProxyRequests Off
    SSLEngine on
    SSLCertificateFile      /opt/graylog.crt
    SSLCertificateKeyFile   /opt/graylog.key

    <Proxy *>
        Order deny,allow
        Allow from all
    </Proxy>

    <Location />
        RequestHeader set X-Graylog-Server-URL "https://my.graylog.url/"
        ProxyPass http://10.80.56.24:9000/
        ProxyPassReverse http://10.80.56.24:9000/
    </Location>

</VirtualHost>

#SSL Configuration
SSLProtocol             all -SSLv3 -TLSv1 -TLSv1.1
SSLCipherSuite          ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256
SSLHonorCipherOrder     on
SSLCompression          off
SSLSessionTickets       off

# OCSP Stapling
SSLUseStapling          on
SSLStaplingResponderTimeout 5
SSLStaplingReturnResponderErrors off
SSLStaplingCache        shmcb:/var/run/ocsp(128000)

My server.conf file has the http_bind_address set to the private IP address of the server on port 9000.
The http_publish_uri is set to https://my.graylog.url/api/
The http_external_uri is set to https://my.graylog.url/

The private IP is NATed through a Cisco ASA to a public IP address. I can access the Graylog system internally, although many of the pages give me the following error when I’m logged in:
Loading component failed: Loading chunk 2e726fa8-24 failed.

I cannot access the application externally at all.

Is there any chance that someone could point me in the right direction here?

Kind Regards

Sully
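
Added example (not part of the original post and not Graylog project code): a small Python check that the proxy and Graylog settings quoted above agree with each other. The helper names are hypothetical, and the `http_bind_address` value is an assumption inferred from the ProxyPass target, since the post only says "the private IP address of the server on port 9000".

```python
import re
from urllib.parse import urlsplit

# Constructed input: the proxy and Graylog values quoted in the post.
APACHE_CONF = """
<VirtualHost *:443>
    <Location />
        RequestHeader set X-Graylog-Server-URL "https://my.graylog.url/"
        ProxyPass http://10.80.56.24:9000/
        ProxyPassReverse http://10.80.56.24:9000/
    </Location>
</VirtualHost>
"""
SERVER_CONF = """
http_bind_address = 10.80.56.24:9000
http_external_uri = https://my.graylog.url/
"""  # bind address is an assumption inferred from the ProxyPass target

def directive(conf, name):
    """Last argument of the first Apache directive starting with `name`."""
    m = re.search(rf"^\s*{re.escape(name)}\s+(.+)$", conf, re.M)
    return m.group(1).split()[-1].strip('"') if m else None

def setting(conf, key):
    """Value of a `key = value` line in Graylog's server.conf."""
    m = re.search(rf"^\s*{re.escape(key)}\s*=\s*(\S+)", conf, re.M)
    return m.group(1) if m else None

def check(apache, graylog):
    """Return a list of mismatches between the proxy and Graylog settings."""
    findings = []
    header = directive(apache, "RequestHeader set X-Graylog-Server-URL")
    backend = urlsplit(directive(apache, "ProxyPass") or "")
    external = setting(graylog, "http_external_uri")
    bind = setting(graylog, "http_bind_address")
    # The header overrides http_external_uri per request, so the two should agree.
    if header != external:
        findings.append(f"header {header} != http_external_uri {external}")
    # TLS ends at Apache, so the URL handed to the browser must be https.
    if urlsplit(header or "").scheme != "https":
        findings.append(f"X-Graylog-Server-URL {header} is not https")
    # Apache must forward to the address Graylog actually listens on.
    if backend.netloc != bind:
        findings.append(f"ProxyPass {backend.netloc} != http_bind_address {bind}")
    return findings

if __name__ == "__main__":
    for line in check(APACHE_CONF, SERVER_CONF) or ["settings are consistent"]:
        print(line)
```

An empty result only means these three values line up; it does not test the NAT rule on the ASA or whether the browser can fetch the web interface's JavaScript chunks through the proxy.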