sampledomain.no-ip.biz I’ll use for ownCloud for now. But how can I set up ownCloud to listen on port 2080 and 2443? Or only 2443 for HTTPS only?
Can I forward the port and set no-ip for sampledomain.no-ip.biz → sampledomain.asuscomm.com:2443?
It doesn’t matter how many DDNS domains you have. They will all resolve to the very same external IP address. Therefore, you can’t use port 443 more than once. As it is blocked by AGH, it can’t be used by ownCloud to do HTTPS/SSL.
The only solution to reach AGH + ownCloud on port 443 would be to set up a reverse proxy. This would be the most elegant solution, as the proxy would handle all SSL certificates and you don’t need to configure each and every app to do HTTPS individually.
As stated above, it doesn’t matter how many domains you use. In the end, a port can be used once. To use it multiple times, a proxy is needed that can decide, depending on your domain, what to do. And Nginx is quite a good option to set up the proxy. However, you would need to remove port 443 on AGH + disable SSL, and create a cert for Nginx using dietpi-letsencrypt. Once this is working and ownCloud is reachable on HTTPS, you could create the proxy entry for AGH.
What should be the goal of this? Are there clients/devices that should connect to AGH using DoT? Or should AGH connect to upstream DNS using DoT? Maybe try to describe the solution a little more in terms of what you are trying to achieve.
HTTPS port is 443.
8083 is the HTTP port of AGH. SSL is done by Nginx now and not by AGH anymore.
It would require a complete rework of the Nginx configuration if you would like Nginx to decide by domain what to do. You need to create VirtualHost entries per domain and block access by IP.
But this is just a setting for how AGH is going to resolve DNS requests towards the upstream DNS server. This has nothing to do with how clients will resolve DNS requests towards AGH. Just activating DoT inside AGH will not have any effect on how clients are going to resolve their DNS requests. And I doubt it will block anything. Blocking is done based on the ad block lists you are going to add into AGH.
I guess you are trying to block DoT access for your clients, right? But I don’t know if this is working as shown on the screen prints, as I’m not familiar with your router model. As well, ensure you have activated the DoT server inside AGH.