Access internal computers using external IP & ports?
-
How do I set this up?
From external computer:
<dyndns.org-domain>:3000 -> goes to pc1:3389
<external-ip>:3000 -> goes to pc1:3389That works fine.
But if I'm inside the network:
<dyndns.orgdomain>:3000 -> times out
<external-ip>:3000 -> times out
pc1:3389 -> goes to pc1:3389How do I make pfsense loop back like that inside the network?</external-ip></dyndns.orgdomain></external-ip></dyndns.org-domain>
-
I would like to know that too.
I know that juniper has this default in there config.I do it using a dns. I just change the ip from what x.mydomain.com resolves to.
Example test.domain.com –> XXX.XXX.XXX.XXX
In my local dns it resolves to 192.168.1.1 -
Can you explain how you set that up? Did you use the DNS Forwarder?
-
You can create local dns entrys in your own dns server
-
But its the IP that doesn't seem to loop back.
Accessing 24.34.44.54:8080 just times out inside the LAN. Accessed from the WAN it forwards to the proper pc.
For example:
custom.dyndns.org -> 24.34.44.54
pfsense -> 192.168.1.1So I go into my local DNS server and manually set:
custom.dyndns.org -> 192.168.1.1pfsense forwards port 8080 to 192.168.1.20
and I try to access custom.dyndns.org:8080 is going to point to pfsense:8080 not 192.168.1.20:8080
does this mean I have to set my custom dns records for each pc?
outside:
custom1.dyndns.org -> 24.34.44.54
custom2.dyndns.org -> 24.34.44.54
custom3.dyndns.org -> 24.34.44.54inside:
custom1.dyndns.org -> 192.168.1.20
custom2.dyndns.org -> 192.168.1.21
custom3.dyndns.org -> 192.168.1.22?
That seems like a really bad way of doing it…
-
Only the machines you have to access via wan address.
-
The problem you're facing is called NAT Reflection and if you search the forum you'll find more about how to deal with it.
-
To anyone who has problems with this:
http://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks%3FSorry should had looked there. Btw another cool feature!!!
-
@Cry:
The problem you're facing is called NAT Reflection and if you search the forum you'll find more about how to deal with it.
Wow, just one check box, thanks :)
That's exactly what I wanted to do.