Ruskdesk von Extern über den Ningx Proxy Manager

Maclife · 1 March 2025 13:09

Sorry, it’s me again. I’m currently trying to access my RustDesk server from external networks through my Nginx Proxy Manager. I’ve opened the ports 21114-21119 TCP and 21114 and 21116 UDP on my Fritzbox. In Nginx, I’ve also set up a stream for each port to my local IP.

Unfortunately, I still can’t connect from external networks. Since I installed Nginx via Docker following the video tutorial, I don’t know how to access the Nginx configuration files or what I might be doing wrong.

Has anyone already gained experience with this? Can someone help me out?

Joulinar · 1 March 2025 14:01

Your Nginx Proxy manager is not listing to other ports than 80/443. Therefore it’s not involved into communication for Rustdesk at all

You can check available ports like

ss -tulpn | grep LISTEN

Maclife · 1 March 2025 14:17

Thank you! I entered the command. This is the result.

tcp   LISTEN 0      4096                                       0.0.0.0:21116      0.0.0.0:*    users:(("docker-proxy",pid=2328,fd=7))
tcp   LISTEN 0      4096                                       0.0.0.0:21117      0.0.0.0:*    users:(("docker-proxy",pid=2360,fd=7))
tcp   LISTEN 0      4096                                       0.0.0.0:21118      0.0.0.0:*    users:(("docker-proxy",pid=2379,fd=7))
tcp   LISTEN 0      4096                                       0.0.0.0:21119      0.0.0.0:*    users:(("docker-proxy",pid=2395,fd=7))
tcp   LISTEN 0      4096                                       0.0.0.0:21115      0.0.0.0:*    users:(("docker-proxy",pid=2315,fd=7))
tcp   LISTEN 0      1000                                       0.0.0.0:22         0.0.0.0:*    users:(("dropbear",pid=388,fd=3))     
tcp   LISTEN 0      4096                                       0.0.0.0:80         0.0.0.0:*    users:(("docker-proxy",pid=2275,fd=7))
tcp   LISTEN 0      4096                                       0.0.0.0:81         0.0.0.0:*    users:(("docker-proxy",pid=2289,fd=7))
tcp   LISTEN 0      4096                                       0.0.0.0:443        0.0.0.0:*    users:(("docker-proxy",pid=2300,fd=7))
tcp   LISTEN 0      4096                                          [::]:21116         [::]:*    users:(("docker-proxy",pid=2338,fd=7))
tcp   LISTEN 0      4096                                          [::]:21117         [::]:*    users:(("docker-proxy",pid=2369,fd=7))
tcp   LISTEN 0      4096                                          [::]:21118         [::]:*    users:(("docker-proxy",pid=2386,fd=7))
tcp   LISTEN 0      4096                                          [::]:21119         [::]:*    users:(("docker-proxy",pid=2402,fd=7))
tcp   LISTEN 0      4096                                          [::]:21115         [::]:*    users:(("docker-proxy",pid=2322,fd=7))
tcp   LISTEN 0      1000                                          [::]:22            [::]:*    users:(("dropbear",pid=388,fd=4))     
tcp   LISTEN 0      4096                                          [::]:80            [::]:*    users:(("docker-proxy",pid=2280,fd=7))
tcp   LISTEN 0      4096                                          [::]:81            [::]:*    users:(("docker-proxy",pid=2294,fd=7))
tcp   LISTEN 0      4096                                          [::]:443           [::]:*    users:(("docker-proxy",pid=2308,fd=7))

I added the ports to the Docker Compose file afterwards and restarted the container. I was hoping it would apply the changes.

What I noticed is that there are no UDP ports listed — or is that a different command?

Joulinar · 1 March 2025 14:27

To which Docker configuration you added this? I hope not to NPM

Maclife · 1 March 2025 14:42

I did add the lines to the Docker config of the Nginx Proxy.

services:
  app:
    image: 'jc21/nginx-proxy-manager:latest'
    restart: unless-stopped
    ports:
      # These ports are in format <host-port>:<container-port>
      - '80:80' # Public HTTP Port
      - '443:443' # Public HTTPS Port
      - '81:81' # Admin Web Port
      # Add any other Stream port you want to expose
      # - '21:21' # FTP

      # Ports needed for Rustdesk:
      - '21115:21115'
      - '21116:21116'
      - '21116:21116/udp'
      - '21117:21117'
      - '21118:21118'
      - '21119:21119'

Joulinar · 1 March 2025 14:47

But this will map these ports into the container for NPM which is totally wrong. At least I would expect Rustdesk to fail because these ports are blocked by NPM container now.

Maclife · 1 March 2025 15:16

If I remove the ports, I get the following error when trying to connect from external:

Failed to connect to domain.dyndns.org:21116
Please try again

With the ports added, I get:

failed to lookup address information:
No address associated with hostname

I have now entered the IP in the stream settings — maybe I need to enter the domain name of the proxy host instead?

What I also noticed is that the UDP port is not shown, but with the ss command and the -u option, it should be listed.

Now the question is why it doesn’t apply the UDP port.

Joulinar · 1 March 2025 15:17

Forget about the proxy. It is not involved at all. Check the service of Rustdesk if it is up and running

Maclife · 1 March 2025 15:26

From the internal network, I can access the RustDesk server and connect without any issues.

However, I don’t want the RustDesk server to be directly exposed to the internet. The requests should go through the proxy, just like it already works for Nextcloud.

Joulinar · 1 March 2025 15:34

But than you don’t should open ports to internet. This is working against your concept. Because this is what you have now.

Anyway how do you setup Rustdesk? Is it working inside a container as well? Or a native app?

Maclife · 1 March 2025 15:42

I created a VM with DietPi and installed RustDesk there, following the instructions from their website.

The Nginx Proxy Manager is running on a different DietPi VM in Docker. I followed video tutorials and created a DietPi VM template.

At the moment, only the proxy is accessible from the internet.

Joulinar · 1 March 2025 19:09

Why not forwarding ports for Rustdesk to the appropriate VM directly? There is not really a benefit using NPM in this case.

Maclife · 1 March 2025 19:30

My idea is to have only a single point of contact to the internet.

Maybe I should look into whether there is a firewall option that could handle this.

Joulinar · 1 March 2025 19:42

But your only access to the Internet is your router. This is where all your data traffic flows through. And why not having NPM as well as Rustdesk together on a single system?

Still NPM is quite some overkill just for having SSL active on Nextcloud.