Not able to access url from LAN network but can be accessed from outside

pankaj123

Thanks for reply here is details info

LAN: 192.168.X.X
DMZ: 192.168.X.X
WAN: 74.X.X.X

I have a website hosted. e.g www.abc.com
If I ping www.abc.com from my LAN network request goes to 74.X.X.X
I want it to go to 192.168.X.X

Problem: Using IP address ( 192.168.X.X ) I can access website. But using URL I can't from LAN
Outside of company it works fine

When I changed my host file & address entry ,url works so problem is NDS resolution is not happening
Now I stuck in how to do that in firewall so that all my LAN compueteres when trying to access site goes to DMZ & not to external

Thanks
Pankaj

pankaj123

Hi Did anybody get a chance to look at problem

Thanks
Pankaj

chpalmer

Go to advanced Nat  uncheck "Disable NAT Reflection"…

You will find NAT Reflection also on your NAT forward page also...

pankaj123

Thanks for reply

I "uncheck" both tab in "Advanced"
i.e. Disable NAT reflection for port forwards & Disable NAT reflection for 1:1 forwards
Previously both were checked.

But still I see problem

Regards
Pankaj

marcelloc

@pankaj123:

LAN: 192.168.X.X
DMZ: 192.168.X.X

two networks with same subnet could be the problem. also check rules you applied in LAN and DMZ for name resolutions (udp port 53)

pankaj123

Yes currently LAN & DMA are same network but here what I thought

1. I can access site using IP address ( 192.168.X.X ) & not using URL so, accessibility is not a problem
2. If I put entries in my host file then using URL I am able to access ( 192.168.X.X  www.abc.com )

Not sure whether udp comes into picture or dns is real problem

Thanks & Regards
Pankaj

marcelloc

@pankaj123:

Yes currently LAN & DMA are same network but here what I thought

Do not use same network on two interfaces unless you configured a bridge between them.

Change LAN and or DMA network range or subnet mask and test again.

cmb

@marcelloc:

@pankaj123:

Yes currently LAN & DMA are same network but here what I thought

Do not use same network on two interfaces unless you configured a bridge between them.

Change LAN and or DMA network range or subnet mask and test again.

This. You cannot do what you're doing with any device, you're breaking a general rule of networking and will have various problems.

miles267

am experiencing this same issue.  were you able to resolve?  how?

My router is 192.168.0.1
WAN IP of router: 4.5.6.7

LAN IP of my server: 192.168.0.100
WAN IP of my server: 1.2.3.4

Each time I attempt to access my server (from behind the firewall) using it's internet/WAN IP of 1.2.3.4, I used to be able to do so.  Now, any http://1.2.3.4 points me back to 192.168.0.1.

I have any/all all DISABLE NAT REFLECTION options unchecked.  Seems to be related to 2.0.1 release.  May need to roll back to 2.0 release.

marcelloc

Change pfsense webgui port to some port other then service port you want to nat.