diff --git a/Reverse-Proxy-Diagnostics-Troubleshooting.md b/Reverse-Proxy-Diagnostics-Troubleshooting.md new file mode 100644 index 0000000..eac438a --- /dev/null +++ b/Reverse-Proxy-Diagnostics-Troubleshooting.md 
@@ -0,0 +1,121 @@ +See also: +* Q&A: https://github.com/Kozea/Radicale/discussions/categories/q-a-reverse-proxy + +Precondition "radicale" server is running fine and accessable +* Wiki: https://github.com/Kozea/Radicale/wiki/Server-Diagnostics---Troubleshooting +* Q&A: https://github.com/Kozea/Radicale/discussions/categories/q-a-server + +# Listen Status + +Check whether "reverse proxy" is proper running + +## Webserver "Apache" + +Example + +``` +netstat -nlpt | grep -E ":(80|443) " +tcp6 0 0 :::443 :::* LISTEN 1427/httpd +tcp6 0 0 :::80 :::* LISTEN 1427/httpd +``` + +## Webserver "nginx" + +Example (no TLS configured so far) + +``` +netstat -nlpt | grep -E ":(80|443) " +tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1667/nginx: master +tcp6 0 0 :::80 :::* LISTEN 1667/nginx: master +``` + +# Proxy connection to "radicale" + +## SELinux + +In case of SELinux is active and and in "enforcing" mode, SELinux may block connection from "reverse proxy" to "radicale" + +### Current status of SELinux + +``` +sestatus | grep -E "(SELinux status|Current mode)" +SELinux status: enabled +Current mode: enforcing +``` + +### Check SELinux toggle + +At least supported on Enterprise & Fedora Linux + +Example for prohibited connection from "reverse proxy" to other servers ("radicale" or any other) + +``` +getsebool httpd_can_network_connect +httpd_can_network_connect --> off +``` + +### Permanent enabling + +Systems not having extra SELinux policy for "radicale" + +``` +setsebool -P httpd_can_network_connect=1 + +getsebool httpd_can_network_connect +httpd_can_network_connect --> on +``` + +## Send request via "reverse proxy" + +### Webserver "Apache" + +Example for unsuccessful request + +``` +curl -I http://localhost:80/radicale/.web/ +HTTP/1.1 503 Service Unavailable +Date: Sat, 16 Mar 2024 15:41:29 GMT +Server: Apache/2.4.57 (AlmaLinux) OpenSSL/3.0.7 mod_fcgid/2.3.9 mod_qos/11.74 mod_wsgi/4.7.1 Python/3.9 +Connection: close +Content-Type: text/html; charset=iso-8859-1 +``` + +Example for 
successful request + +``` +curl -I http://localhost:80/radicale/.web/ +HTTP/1.1 200 OK +Date: Sat, 16 Mar 2024 15:42:01 GMT +Server: WSGIServer/0.2 CPython/3.9.18 +Content-Type: text/html; charset=UTF-8 +Last-Modified: Wed, 13 Mar 2024 05:36:47 GMT +Content-Length: 8091 +``` + +### Webserver "nginx" + +Example for unsuccessful request + +``` +curl -I http://localhost:80/radicale/.web/ +HTTP/1.1 502 Bad Gateway +Server: nginx/1.20.1 +Date: Sat, 16 Mar 2024 15:30:51 GMT +Content-Type: text/html +Content-Length: 3854 +Connection: keep-alive +ETag: "652d1e3f-f0e" +``` + +Example for successful request + +``` +curl -I http://localhost:80/radicale/.web/ +HTTP/1.1 200 OK +Server: nginx/1.20.1 +Date: Sat, 16 Mar 2024 15:32:56 GMT +Content-Type: text/html +Content-Length: 8091 +Connection: keep-alive +Last-Modified: Wed, 13 Mar 2024 05:36:47 GMT +``` \ No newline at end of file
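Review bot: In the "Permanent enabling" section, `setsebool -P httpd_can_network_connect=1` is given without stating how broad it is. As the "Check SELinux toggle" text itself says, this boolean governs connections from the reverse proxy to "radicale" or any other server, and `-P` makes the change persistent. Suggest adding a sentence that states this scope, the command to revert it (`setsebool -P httpd_can_network_connect=0`), and a pointer for systems that do have a dedicated SELinux policy for "radicale", since the line "Systems not having extra SELinux policy for "radicale"" implies an alternative that is never described. Smaller points: "accessable", "proper running" and "and and" are typos; the curl checks only exercise plain HTTP on port 80 although the listen check also covers 443; and the file has no trailing newline.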