Web server behind virtual IP on WAN
-
Obviously it won't go easy as I thought….
I have tried tons of solutions across the web so excuse me if I mess something and sure I was.
See attachments and we can discuss futher.
Thanks
 -
Just to clarify…
-.-.-.117 is VIP (proxy arp of WAN)
-.-.-.116 is WAN address
10.10.0.0/19 is LAN
Also, there is opt1 but it is irelevant for this. -
The screenshots look good.
What does not work?
-
I can not access web page over http://-.-.-.117 which is located on 10.10.25.11
States:
tcp 10.10.25.11:80 <- -.-.-.117:80 <- -.-..234:2990 CLOSED:SYN_SENT
tcp -.-.-.-.234:2990 -> 10.10.25.11:80 SYN_SENT:CLOSED -
Are you trying to access from inside your own network or from the outside?
From the inside will not work.The solution would be to enable NAT reflection, however i'm not sure if NAT reflection is compatible with PARP VIPs.
-
I can access localy http://10.10.25.11 or over public 117 in LAN (I enabled NAT reflection and I can open page inside LAN but outside…)
-
The -.-.-.-.234:2990 is machine I controll remotely and try outside network.
-
It seems like everything is ko but it doesn't work. I have tried to give the web server public IP and it is reachable from outside. It is high risk for me and I can't figure out how to do this simple port fwd.
Do I have to make any changes on server ie to put gateway which is VIP, i don;t know or to setup some outgoing NAT.
Thanks in advance.
-
THe firewall log is ok, the traffic is passed to web server.
-
It would be helpful if someone can provide me screenshots of his configuration for any service which is behind VIP (or WAN IP).
I don't know where is mistake, is it NAT or firewall or pfsense generaly.Thanks
-
Usualy it is something stupid. The firewall on local web server blocked traffic.
Everything works like a charm.
I fwded SSH and HTTP without any problem.
Thanks.
