ASP.NET Core behind NGINX Reverse Proxy

Question

I have a problem trying to run my ASP.NET Core 3 App behind a NGINX reverse proxy. I am following this guide: https://learn.microsoft.com/en-us/aspnet/core/host-and-deploy/linux-nginx?view=aspnetcore-3.1

I am using Let's Encrypt for my SSL Certificate and proxy pass to a different machine in my local network. I do not really know how to fix this problem. I already tried to secure the connection between the reverse proxy and the Kestrel Server with SSL, but this still does not work. Any Help would be greatly appreciated. My NGINX Site.conf file is the following:

upstream dotnet {
    zone dotnet 64k;
    server 192.168.3.222:5000;
}
server {
    server_name   MyDomain.net *.MyDomain.net;
    location / {
            proxy_pass         http://dotnet;
            proxy_http_version 1.1;
            proxy_set_header   Upgrade $http_upgrade;
            proxy_set_header   Connection keep-alive;
            proxy_set_header   Host $host;
            proxy_cache_bypass $http_upgrade;
            proxy_set_header   X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header   X-Forwarded-Proto $scheme;
            fastcgi_buffers 16 16k;
            fastcgi_buffer_size 32k;
            access_log      /var/log/nginx/MyDomain.access.log;
            error_log       /var/log/nginx/MyDomain.error.log;
    }
    location = /favicon.ico {
            log_not_found off;
    }

listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/mydomain.net/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/mydomain.net/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
server {
if ($host = MyDomain.net) {
    return 301 https://$host$request_uri;
} # managed by Certbot


    listen        80;
    server_name   MyDomain.net;
return 404; # managed by Certbot


}

The ASP.NET Core App is running on a different machine (Local Ip: 192.168.3.222) than the NGINX reverse proxy (Local Ip: 192.168.3.111). If I set up a NGINX reverse proxy on the machine the ASP.NET Core App is running and proxy pass to 127.0.0.1:5000 I can access it over the local network without problems. I also configured the Startup.cs to accept my reverse proxy:

public void ConfigureServices(IServiceCollection services)
{
// Configure Headers. Required by Nginx RProxy
        services.Configure<ForwardedHeadersOptions>(options =>
        {
            options.ForwardedHeaders =
                ForwardedHeaders.XForwardedFor | ForwardedHeaders.XForwardedProto;                
            options.KnownProxies.Add(IPAddress.Parse("192.168.3.111"));
            options.KnownNetworks.Add(new IPNetwork(IPAddress.Parse("192.168.3.0"),24));
}

public void Configure(IApplicationBuilder app, IWebHostEnvironment env, IServiceProvider serviceProvider)
{
// Forward Headers required by Nginx RProxy
        app.UseForwardedHeaders();
app.UseHttpsRedirection();
app.UseStaticFiles();
app.UseRouting();
}

If I try to access MyDomain.net I get a 502 Bad Gateway. So the Reverse Proxy cannot connect to the App. The Example in the Documentation uses a Reverse Proxy on the same Machine as the Kestrel Server. The NGINX Error Log is the following:

failed (111: Connection refused) while connecting to upstream, client: 0.0.0.0.1, server: mydomain.net, request: "GET / HTTP/1.1", upstream: "http://192.168.3.222:5000/$ , host: "mydomain.net"

The Machine with the Kestrel Server allows incoming traffic for Port 5000 and 5001.