[Solved] Cannot access from LAN
-
I'm not sure if this is the right place as I do not know what seems to be the problem.
Currently I have the following setup:
*Dynamic DNS - Namecheap
*Domain - mydomain.com
*Servers: 192.168.1.100, 200
*Port: 5000, 3000, 32400 (and etc)I have 192.168.1.100:32400 set as Plex Media Server, I have also fowarded the port in NAT with the WAN interface.
I could access the server from the net by going to mydomain.com:32400. However, from within my own network, lan/wan, if I punch in the same address, I am unable to connect to the server. I would need to manually enter 192.168.1.199:32400 in order to access it.
What seems to be the problem?
-
Because of this:
https://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks%3FSteve
-
Thanks!
Here's what I have done:
#1 - Enable DNS Forwarder
#2 - Enabled Register DHCP leases in DNS forwarder
#3 - Enabled Register DHCP static mappings in DNS forwarder
#4 - Interfaces: all
#5 - Host OverrideHost: www
Domain: mydomain.com
Ip Address: 192.168.1.100 (Plex Server)
Alias: plexserver(FQDN of the server is plexserver.mydomain.com)
#6 - Reboot Server
#7 - Check DNS Server = 192.168.1.1 (Same as router/gateway) = OKResult: Cannot resolve
I then went on to fowarded port from
#1 - LAN - Port 32400, redirect ip 192.168.1.100Result: Cannot resolve
what seems to be the problem?
-
Alright I figured out the problem, looks like even the client must be pointed to pfsense as the DNS server in order for it to work. Which means I also need to manually point reconfigure all the AP to point to pfsense as the DNS server.
Question:
If I were to perform split dns on my own DNS server, do I just simply disable dns fowarder and leave NAT translation disabled as well? -
"Which means I also need to manually point reconfigure all the AP to point to pfsense as the DNS server."
When you say AP - you mean Access Point right? APs do not provide dns normally - since they are not the gateway, just an AP and don't normally provide dhcp or dns.. They are just the connection from wireless to wired.
The common setup is that your gateway router provides dhcp, dns.. Now sure you can point dns elsewhere and use something else to provice dhcp in your network. For example if you run AD, then all clients should point there for dns and normally it provides dhcp.
But I have never ever ever seen an AP used as dns – so unless your double natting, and not really AP I don't see why you should have to change anything on your AP. Nor do I understand why all your clients don't already talk to pfsense as your dns caching resolver?
-
You are right. While I was going back to check out the APs, there were no option to set DNS server. Some configurations within pfsense is a little confusing like multiple areas for DNS address and etc. I had some trouble with DNS not being assigned properly and what not but it's all fixed now.
Here's what I've done:
System -> General Setup -> 8.8.4.4, 8.8.8.8
Unchcked: Allow DNS server list to be overridden by DHCP/PPP on WAN
Unchecked: Do not use the DNS Forwarder as a DNS server for the firewallSystem -> Advanced -> Firewall/NAT
NAT Reflection mode for port forwards: DisabledServices -> DHCP Server
Checked: Enable DHCP server on LAN_INTEL interface
DNS servers: Left Blank**Initially I had google public dns server in here and it caused a mess. SOME clients were automatically assigned these DNS instead of the default ip of the pfsense machine.
This is all good now. But I have some other concerns, which I will open another thread instead.
-
System -> Advanced -> Firewall/NAT
Network Address Translation: DisabledWhat?? So are just routing with pfsense? This is not something that sounds like you should of done.. If your doing "port forwards" You only "port forward" when there is NAT, if your not natting then you just need to allow the traffic with firewall rules.
-
There is no option to disable NAT entirely in System: Advanced: Firewall/NAT: I think it's just a typo. The only option there you can set to disabled is "NAT Reflection mode for port forwards", which is disabled by default and should be if you're using DNS overrides instead.
Steve
-
Sorry made a mistake, already amended the post:
System -> Advanced -> Firewall/NAT
NAT Reflection mode for port forwards: DisabledI think this problem is resolved.
Please kindly see this thread for a more troublesome problem:
http://forum.pfsense.org/index.php/topic,70483.0.html