Re: [D] Cannot view vm instance console remotely - site Cannot be reached [cloudstack]

Wed, 17 Jun 2026 07:50:47 -0700 


GitHub user ewerton-silva00 edited a comment on the discussion: Cannot view vm 
instance console remotely - site Cannot be reached

Perhaps this will help.

- Use Nginx as a reverse proxy.
- My CloudStack environment uses an Advanced Zone.

This is my configuration:
```
server {
    listen 443 ssl http2;
    listen 8080 ssl http2;
    server_name 
~^(?<oct1>192)-(?<oct2>168)-(?<oct3>0)-(?<oct4>[1-9][0-9]?)\.consoleproxy\.mydomain\.io$;

    ssl_certificate 
/etc/letsencrypt/live/consoleproxy.mydomain.io/fullchain.pem;
    ssl_certificate_key 
/etc/letsencrypt/live/consoleproxy.mydomain.io/privkey.pem;
    ssl_dhparam /etc/ssl/dhparam.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;

    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; 
preload" always;
    add_header X-Content-Type-Options nosniff always;
    add_header X-Frame-Options DENY always;
    add_header X-XSS-Protection "1; mode=block" always;
    add_header Referrer-Policy "strict-origin-when-cross-origin" always;

    access_log /var/log/nginx/consoleproxy.access.log;
    error_log /var/log/nginx/consoleproxy.error.log warn;

    if ($oct4 !~ ^(1[0-9]|[2-4][0-9]|50)$) { return 403; }

    set $backend_ip "${oct1}.${oct2}.${oct3}.${oct4}";

    client_max_body_size 0;
    proxy_http_version 1.1;
    proxy_cache off;
    proxy_request_buffering off;
    proxy_buffering off;
    proxy_max_temp_file_size 0;
    proxy_redirect off;    

    location / {
        proxy_pass http://$backend_ip;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_read_timeout 600;
    }

    location /websockify {
        proxy_pass http://$backend_ip:8080;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection "upgrade";
        proxy_cache_bypass $http_upgrade;
        proxy_ignore_client_abort off;
        proxy_read_timeout 86400;
    }
}
```

**Note**:

The Management Server port needs to be changed to something other than 8080.

GitHub link: 
https://github.com/apache/cloudstack/discussions/13295#discussioncomment-17339868

----
This is an automatically sent email for [email protected].
To unsubscribe, please send an email to: [email protected]

Reply via email to