PfSense 2.1 no internal access to web server box

podilarius

If you are using pfsense as your gateway and dns server for internal use only, then setup a host override that points the domain name to the internal address and not the external address. This is called split horizon dns. This is IMHO a better way to go than nat reflection. The results are usually faster and more stable.

Rickinfl

I don't have DNS Server running. It's setup a as forwarder from what I'm seeing.  How do I setup a Split horizon DNS? does this effect my DNS forwarder?  Now sure how to do this.

Rickinfl

Just tried the Split Horizon dns with no luck…  Here is my problem. I don't have a domain name for it. I access it via a IP address example:

to access it from outside I go to  xx.xx.xx.xx/mediawiki  from inside I use to access it by 192.168.0.99/mediawiki  now with the pfSense box install I can't access it from inside anymore.

This is what I setup in the Split Horizon DNS:

Host - mediawiki
Domain - mediawiki
IP Address - 192.168.0.99

wallabybob

@Rickinfl:

I lost access to my Media Wiki

Access FROM where? If you are trying to access that service from a host on the same IP subnet (192.168.0.0/24?) then the access attempt shouldn't go through pfSense. If you are trying to access that service from a host on a different IP subnet (e.g. 192.168.10.0/24) then it would probably help us to help you if you provided more details, for example, "the access attempt to the media wiki goes in the pfSense OPTx inteface and out the pfSense OPTy interface".) If you are trying to access that service from the Internet

@Rickinfl:

The problem is ever since I put a pfSense box online

It would be helpful to provide details of how you changed your network when you "put a pfSense box online".

Rickinfl

I have 3 Machines running at home. Media Wiki, PS3mediaserver and pfSense box.  I use to be able to access the Wiki and PS3mediaserver from my computer here at the house just by typing 192.168.0.99/mediawiki and everything worked fine including accessing it from the internet from work at http://xx.xx.xx.xx/mediawiki  As for my network before when everything worked I was using a Cisco/Linksys 4200 router. I removed it and put in it's place the pfSense box this is when the LAN access issue started.

My IP addresses for the boxes:

My Computer 192.168.0.10
pfSense box 192.168.0.1
Mediawiki 192.168.0.99
PS3mediaserver 192.168.0.60

Submask is 255.255.255.0 on all boxes
Gateway is the pfSense box 192.168.0.1

As for going through the pfSense box I have no clue I'm very new to this. But ever since I installed the pfSense box I can't access the Mediawiki. Also can't access the Webmin on the Mediawiki box and the PS3mediaserver box and those are as this:

mediawiki - 192.168.0.99:20000
PS3mediaserver - 192.168.0.60:10000

I can't access anything within the network from my computer at home, BUT I can access everything from the Internet from work just fine.

I'm really new to this and I'm learning Linux so just be patient with me… I'm a quick learner just need step by step the first time then I'm off and running.

podilarius

Do you have a switch in place or do you have multiple NICs in the pfsense machine? If you do, do you have the interfaces bridged and rules in place to allow traffic across the bridge?

Rickinfl

No switch just 2 nics in the pfSense box. I do have rules setup:

Proto       Source     Port       Destination   Port       Gateway Queue     Description
IPv4 TCP     *         *         192.168.0.99   80 (HTTP) *       none   NAT Media Wiki
IPv4 TCP     *         *         192.168.0.99   20000       *       none   NAT Webmin Media Wiki
IPv4 TCP     *         *         192.168.0.60   10000       *       none   NAT Webmin Media Server
IPv4 TCP     *         *         192.168.0.1     8443       *       none   NAT pfSense Web Interface

I had to put these rules in so to access it from outside if I remove them I can't access it anymore.

phil.davis

My Computer 192.168.0.10
pfSense box 192.168.0.1
Mediawiki 192.168.0.99
PS3mediaserver 192.168.0.60

Submask is 255.255.255.0 on all boxes
Gateway is the pfSense box 192.168.0.1

No switch just 2 nics in the pfSense box.

Exactly what is connected to the pfSense LAN port?
You list pfSense and 3 other devices - somehow these 4 devices need to/must be connected together (4 real ethernet cables into a switch?, a cable from pfSense LAN to a WiFi Access point that other things connect to?)
Please describe exactly how the LAN-side devices are connected.

Rickinfl

The WAN side goes straight from my Cable modem to the WAN NIC on the pfSense box. then the LAN side goes from the LAN card in pfSense to the 8 port switch which feeds all the other computers via CAT5 cable. Not using wireless at the moment I have to get a wireless card for the pfSense box.

phil.davis

@Rickinfl:

the LAN side goes from the LAN card in pfSense to the 8 port switch which feeds all the other computers via CAT5 cable.

The 3 other computers (My Computer, Mediawiki and PS3mediaserver) should all be able to talk to each other without pfSense or internet at all. So you need to get that to work - disconnect the pfSense LAN cable from the switch, then get the 3 computers working locally on the switch.
Once that is done, then connect pfSense LAN to the switch again - if a problem happens then we can try to help with it.
I guess the switch is a "plain ordinary" unmanaged switch, with no VLANs, no MAC filtering?
(If you have a fancy switch then maybe something was set in that that causes your local LAN issues)