Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Mask IP:port pairs as a dummy IP

    Scheduled Pinned Locked Moved NAT
    4 Posts 3 Posters 484 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      killater
      last edited by

      Hello guys!
      I've got a following issue: I have a number of devices in my network with web insterfaces on different ports, I want users to simply enter server.network.com and see the desired server without memorizing number of ports for each service.
      My Lan interface is in 192.168.1.0 subnet
      I've set DNS resolver override to return dummy IPs(192.168.0.0) for the names like server1.network.com , server2.network.com, then I've created NAT port-forward Rule to go from port 80 on dummy IP to a real port on real IP.
      But traceroute shows that packets go outside(to a WAN interface).

      Is there a way to do this masking in a more elegant way?

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        Are these devices on a different network than your LAN?  I wasn't sure if the IPs you provided were just for example or real.  A reverse proxy might help here, like HAProxy.

        1 Reply Last reply Reply Quote 0
        • GruensFroeschliG
          GruensFroeschli
          last edited by

          https://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

          In such a scenario i guess you can't use split DNS, thus have to go the NAT reflection route.

          We do what we must, because we can.

          Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

          1 Reply Last reply Reply Quote 0
          • K
            killater
            last edited by

            @KOM:

            Are these devices on a different network than your LAN?  I wasn't sure if the IPs you provided were just for example or real.  A reverse proxy might help here, like HAProxy.

            No all servers are in the same network wich is my LAN. I use different IP subnets to sepparate real addreses from fake.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.