Using DNS and multiple hosts
-
Hi there,
First of all I would like to thank you guys for making this wonderful OS!
I've a few questions (some of them are probably nooby) about running pfSense and it capabilities in the company I work for.
The setup:
We have a 100/100 fiber connection with a static IPv4 and IPv6/48.
Behind that connection is a ESXi server and on that server we have among other things the pfSense OS. The pfSense OS is connected to the modem for the internet connection. The rest of the network is connected to an other NIC for the LAN.
(so it is ISP -> WAN NIC -> pfSense (on ESXi) -> LAN -> 48port switch -> rest of the LAN network)
On that network we have a file transfer (liquid files), Exchange, FTP, hour registration, online calendar and so.What we have now:
pfSense is running and the DHCP (v4 and v6) are running. The PC's in the LAN are getting a IPv6 and IPv4 address from DHCP and DNS and Gateway are all working nice.
Using the internet and e-mail all works.
eltomation.com pointing to our static IPv4 addressWhat we want:
Setting up a DNS for external use so that:- a.eltomation.com points to the filetransfer
- b.eltomation.com points to ftp
- c.eltomation.com points to the online calendar
- d.eltomation.com point to the hour registration
- www.eltomation.com and eltomation.com point to the website
- outlook connects to the exchange server
Setting up a DNS for local use so that:
- weburen/ points to an internal ip adres for the hour registration
- files/ points to an internal ip adres for the file transer
- and so on.
Running a website so that we can host our own site (www.eltomation.com and eltomation.com need to connect to that site)
Keeping it all secure with the firewall.
The question:
How to set this all up?
A step by step guide would be nice, but pointing me in the right directions or topics is okay to.I have been fiddling with some settings and the internal DNS seems to work with the DNSforwarder.
But the rest I cant get to work. I've installed tinyDNS addon but there are to many switches I don't understand ;)
I've also installed the vHost addon. But I cant get that to work either. -
What we want:
Setting up a DNS for external use so that:- a.eltomation.com points to the filetransfer
- b.eltomation.com points to ftp
- c.eltomation.com points to the online calendar
- d.eltomation.com point to the hour registration
- www.eltomation.com and eltomation.com point to the website
- outlook connects to the exchange server
Setting up a DNS for local use so that:
- weburen/ points to an internal ip adres for the hour registration
- files/ points to an internal ip adres for the file transer
- and so on.
Running a website so that we can host our own site (www.eltomation.com and eltomation.com need to connect to that site)
Keeping it all secure with the firewall.
Are these services provided by different servers internally?
If yes, then it's just a matter of creating the DNS entries on your DNS server pointing to your public IP and then forwarding the corresponding ports to the different servers.
If these are all http services and you don't have multiple public IP's, there is no way to redirect the request to different server short of using a reverse proxy.
I think the package HAproxy should be able to do this.
Alternatively you just forward port 80 to your server and solve everything internally with virtual hosts
–> configure your webserver to handle the different requests.To point locally to different servers dependent on the name:
This should help you: http://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks%3F -
These services are provided by different servers, so the ip adres is different.
How can I create the adres a.eltomation.com and b.eltomation.com? and how do I create that DNS record so that any one visiting that adres would be redirected? (of course the need a password and login for the most services except the website.
I can't figure out how to set up the DNS. To many switches I don't understand ;)
-
This is not something you configure on the pfSense.
If you don't control the infrastructure providing DNS services for your domain, you need to contact whoever set up your domain names.
Password/Login for your services isn't something the pfSense does either.
You will need to configure your webinterfaces/services directly.the whois entry for eltomation.com is
Registrant:
Eltomation B.V.
Tromplaan 3
VOORTHUIZEN 3781tc
NLDomain Name: ELTOMATION.COM
–----------------------------------------------------------------------
Promote your business to millions of viewers for only $1 a month
Learn how you can get an Enhanced Business Listing here for your domain name.
Learn more at http://www.NetworkSolutions.com/
------------------------------------------------------------------------Administrative Contact:
Eltomation B.V. info@eltomation.nl
Tromplaan 3
VOORTHUIZEN 3781tc
NL
0342-476353 fax: 0342-475618Technical Contact:
Role Account, XS4ALL Domain networksolutions@xs4all.nl
Postbus 1848
Amsterdam 1000 BV, NH 1112 XH
NL
+31-20-3987654 fax: +31-20-3987604so this is probably who you have to contact.
-
This is not something you configure on the pfSense.
If you don't control the infrastructure providing DNS services for your domain, you need to contact whoever set up your domain names.
Password/Login for your services isn't something the pfSense does either.
You will need to configure your webinterfaces/services directly.the whois entry for eltomation.com is
Registrant:
Eltomation B.V.
Tromplaan 3
VOORTHUIZEN 3781tc
NLDomain Name: ELTOMATION.COM
–----------------------------------------------------------------------
Promote your business to millions of viewers for only $1 a month
Learn how you can get an Enhanced Business Listing here for your domain name.
Learn more at http://www.NetworkSolutions.com/
------------------------------------------------------------------------Administrative Contact:
Eltomation B.V. info@eltomation.nl
Tromplaan 3
VOORTHUIZEN 3781tc
NL
0342-476353 fax: 0342-475618Technical Contact:
Role Account, XS4ALL Domain networksolutions@xs4all.nl
Postbus 1848
Amsterdam 1000 BV, NH 1112 XH
NL
+31-20-3987654 fax: +31-20-3987604so this is probably who you have to contact.
That is us ;)
We rent the eltomation.com from XS4all (our ISP).So everything, except the technical contact, is our info.
-
Well, then this is who you have to contact ;)
-
Not exactly, my green friend. :)
A dig shows:
grey@dodger> dig eltomation.nl ; <<>> DiG 9.8.1-P1 <<>> eltomation.nl ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 6075 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2 ;; QUESTION SECTION: ;eltomation.nl. IN A ;; ANSWER SECTION: eltomation.nl. 86400 IN A 62.251.100.102 ;; AUTHORITY SECTION: eltomation.nl. 7200 IN NS ns2.xs4all.nl. eltomation.nl. 7200 IN NS ns.xs4all.nl. ;; ADDITIONAL SECTION: ns.xs4all.nl. 25282 IN A 194.109.6.67 ns2.xs4all.nl. 111682 IN A 194.109.9.100 ;; Query time: 43 msec ;; SERVER: 127.0.1.1#53(127.0.1.1) ;; WHEN: Thu Jan 10 10:05:47 2013 ;; MSG SIZE rcvd: 121
So @Eltomation: as far as I understood from reading your post, you want to have DNS entries for a… b... c... (or whatever.eltomation.com). As shown by the 'dig' command, your provider "xs4all" is the SOA (state of authority) for your domain. So if you want to modify, add or delete any DNS entries, you have to ask them to do that, if they don't hand you some sort of customer interface, where you can add/modify/delete DNS entries for your domain yourself. As your pfSense is NOT the SOA for the domain, you have nothing to do there concerning making DNS work :)
Greetings,
Jens -
Well this is who i referred to :)
–> since the second part of the whois shows xs4all as technical contact for this domain. -
bows
Right you are :)