Accessible through a browser, but not through curl

I have the following chain:
A DNS record → firewall IP → firewall rules redirect to a server on the internal network

These are the 2 rules:

TCP   Any   Firewall:80 -> 10.0.0.5:80

TCP   Any   Firewall:443 -> 10.0.0.5:443

On the internal server 10.0.0.5 I have stored some test file under http://xxx.xx.xx/.well-known/test-challenge.txt

Now I can access this file from an external network by calling the URL in a browser. But I can’t access it through curl http://xxx.xx.xx/.well-known/test-challenge.txt. It gives a timeout error:

curl: (28) Failed to connect to key.xxx.xx port 80 after 131066 ms: Connection timed out

Why is that? Maybe something in the firewall settings, but what can it be? (My core problem is that Certbot is unable to complete an http-01 challenge and I’m trying to find out why by testing the access.)

Welcome to our community.

If you have activated /Firewall/location block in the Web User Interface, the Certbot renewal will fail; you need to disable it during the procedure.

About curl: from the IPFire console, issue tail -f /var/log/messages while you connect with curl to see what the kernel is doing. This will help you debug the issue.

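The log check suggested in the reply above, as an added example that is not part of the original thread: a filter that reduces the kernel log to packets from the curl client aimed at ports 80 and 443, showing which rule's log prefix caught them. It assumes the standard netfilter LOG fields (SRC=, DST=, PROTO=, DPT=); the function names, log prefixes and addresses in the sample are constructed.

```shell
#!/bin/sh
# fw_hits CLIENT_IP [PORTS]: read syslog lines on stdin and print one line per
# netfilter LOG entry from CLIENT_IP to one of PORTS (default "80 443").
# Live use on the firewall console while curl runs on the client:
#   tail -f /var/log/messages | fw_hits <public IP of the curl client>
fw_hits() {
    awk -v src="$1" -v ports="${2:-80 443}" '
    BEGIN { n = split(ports, p, " "); for (i = 1; i <= n; i++) want[p[i]] = 1 }
    / IN=/ {
        s = d = dpt = proto = ""
        for (i = 1; i <= NF; i++) {
            if ($i ~ /^SRC=/)        s = substr($i, 5)
            else if ($i ~ /^DST=/)   d = substr($i, 5)
            else if ($i ~ /^DPT=/)   dpt = substr($i, 5)
            else if ($i ~ /^PROTO=/) proto = substr($i, 7)
        }
        if (s != src || !(dpt in want)) next
        # The log prefix is the text between "kernel: " and " IN=".
        prefix = $0
        sub(/ IN=.*/, "", prefix)
        sub(/.*kernel: */, "", prefix)
        if (prefix == "") prefix = "(no prefix)"
        printf "%s %s %s -> %s:%s\n", prefix, proto, s, d, dpt
    }'
}

# Constructed sample lines; real prefixes depend on the firewall rule set.
sample_log() {
    cat <<'EOF'
Jan 10 12:00:01 ipfire kernel: DROP_EXAMPLE IN=red0 OUT= SRC=203.0.113.7 DST=198.51.100.2 LEN=60 TTL=52 PROTO=TCP SPT=51514 DPT=80 SYN
Jan 10 12:00:02 ipfire kernel: DROP_EXAMPLE IN=red0 OUT= SRC=192.0.2.9 DST=198.51.100.2 LEN=60 TTL=50 PROTO=TCP SPT=40000 DPT=80 SYN
Jan 10 12:00:03 ipfire kernel: DROP_EXAMPLE IN=red0 OUT= SRC=203.0.113.7 DST=198.51.100.2 LEN=60 TTL=52 PROTO=TCP SPT=51520 DPT=22 SYN
Jan 10 12:00:04 ipfire kernel: FWD_EXAMPLE IN=red0 OUT=green0 SRC=203.0.113.7 DST=10.0.0.5 LEN=60 TTL=51 PROTO=TCP SPT=51530 DPT=443 SYN
EOF
}

sample_log | fw_hits 203.0.113.7
```

No output during a curl attempt means the SYN was not logged by the firewall at all, which points at something upstream of it or at a rule that drops without logging.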