Firewall Question

I have a Public IP set to Mikrotik I set two NAT rules to the firewall to forward port 80 and 8080 to my Splynx box (those are the only two NAT and Filter Rules set).

When I go to the public IP (URL) i am able to login as the admin, and navigate the menu. What is not work though is I am unable to use features that popup, like the add tariff button, open logs, edit customers, etc. In the error logs I get the error listed below.

The second think I noticed was that the customer portal will not let the customers log in. When atempting to log in the error “Session was expired. Please, re-login!”

When connecting from the private network, everything works. Any ideas?

Fatal error: Uncaught exceptions\http\BadRequest: Unable to verify your data submission. in /var/www/splynx/app/web/Controller.php:355
Stack trace:
#0 /var/www/splynx/app/base/Controller.php(53): web\Controller->beforeAction()
#1 /var/www/splynx/app/core/Router.php(256): base\Controller->runAction(‘add’, Array)
#2 /var/www/splynx/app/core/Router.php(212): core\Router->runAction(Object(controllers\admin\tariffs\InternetController))
#3 /var/www/splynx/app/core/Router.php(37): core\Router->run()
#4 /var/www/splynx/app/BaseApp.php(72): core\Router->dispatch()
#5 /var/www/splynx/web/index.php(28): BaseApp->run()
#6 {main}
thrown in /var/www/splynx/app/web/Controller.php on line 355

i think one possible problem here is headers (of http packages) is broken
(this possible in case when you have small MTU configured on router. (or some like that)

ps: in every request Splynx send small additional header for prevent CSRF attack -https://en.wikipedia.org/wiki/Cross-site_request_forgery

Thanks for the help! I can verify that it is the router that is restricting something, As I moved the splynx box behind an actual firewall on a different network, and everything worked.

I checked the MTU on the Mikrotik router and all Ethr ports and vlans are at MTU 1500(highest that unit can go) does splynx need more than that?

Hi, Splynx doesn’t need MTU > 1500, it’s a regular web application as facebook or others.
I think that issue was not related to MTU but some other wrong networking settings