Setup a local controller in Proxmox, version 1.0r.
Everything works fine in my LAN.
Created a DNS entry so I can use https://random.ddns.manage.alta.inc in my internal network (without the local in front).
Now I want to have external access to my controller.
But: I only have one external fixed IP, so I use a reverse proxy (Microsoft IIS with ARR) to get access to several servers.
Created a server farm and rewrite rule for the Alta FQDN https://random.ddns.manage.alta.inc.
Due to the Letsencrypt certificate the Alta controller uses, I got a certificate error from outside my network (since the ARR replaces the Let’s Encrypt certificate with my own wildcard certificate, this is expected behavior). This is no issue for my other internal servers, since they all use my official wildcard certificate, the same one the ARR uses.
So instead of using random.ddns.manage.alta.inc I created a new public DNS record alta.mydomain.com and the ARR does a rewrite from https://alta.mydomain.com to https://random.ddns.manage.alta.inc to go to the internal controller.
When I browse from an external computer to https://alta.mydomain.com, I get the controller login page and no certificate error. The certificate is my official wildcard certificate.
But I can’t login: Incorrect username or password.
I added the FQDN https://alta.mydomain.com to Allowed Origins, but this does not solve the problem.
So I tried it another way. I did a port forward of port 8443 to 443 and added port 8443 to Allowed Ports in the controller.
When I go to https://random.ddns.manage.alta.inc:8443, I get the controller login page and can login without any problem. If I don’t add port 8443 to Allowed Ports, I get the login page but cannot login.
But I would prefer to use my ARR and https://alta.mydomain.com.
What am I missing this is not working?