Blocking traffic from LAN
-
Hello
I recently installed a pfSense router in my network. pfSense is new to me.
In my network, I have an OSX server that is installed as a Profile Manager (to manage mobile devices). This server has worked fine for 3 years now. The server's local IP is 10.0.0.6. The web interface is on port 443 (https).
More info about used ports: https://support.apple.com/en-us/HT202487
This server is accessible from outside with a domain name (example: https://test.domainname.com) linked to the public fixed IP. This is necessary for certificates and security.
FYI: Router https is on, but on port 8443.
I can access the server directly on https://10.0.0.6 in the local network.
I can access the web interface from outside the network over https://test.domainname.com.
The only thing I can't do is access the web interface from the local network with the domain name. Nothing happens.
Also, I can't connect devices from the local network to the server (also with the domain name).
I think the port forwarding works fine...
Outbound settings:
Automatic outbound NAT rule generation.
(IPsec passthrough included)
Rules WAN:
Rules LAN:
My question: How can I communicate / get access from the local network by using the public ip / domainname?
-
https://doc.pfsense.org/index.php/Why_can't_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks
Use split DNS.
-
@KOM I can't use Split DNS.
The primary DNS is another IP.
In order for this to work using the DNS Forwarder or Resolver in pfSense, clients will need to have the IP Address of the pfSense router as their primary DNS server.
But method 1 works perfectly!
-
You could add your A record to the DNS you're currently using. You don't need pfSense to be your DNS for split DNS to work. You just need your FQDN resolved to its LAN IP.
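-
A check for the split DNS setup discussed in this thread, added here as an example and not written by any of the posters: run from a LAN client, it reports whether the FQDN resolves to the server's LAN IP or to a public address that still depends on the router reflecting traffic back inside. The /24 netmask and all function names are assumptions; the hostname and 10.0.0.6 come from the first post.

```python
import ipaddress
import socket

HOSTNAME = "test.domainname.com"  # example name from the thread
LAN_IP = "10.0.0.6"               # server's LAN address from the thread
LAN_NET = "10.0.0.0/24"           # assumption: the thread does not give the netmask


def system_resolver(name):
    """Return the IPv4 addresses the client's configured DNS gives for name."""
    infos = socket.getaddrinfo(name, 443, family=socket.AF_INET,
                               type=socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})


def classify(addresses, lan_ip=LAN_IP, lan_net=LAN_NET):
    """Classify what a LAN client got back for the server's FQDN."""
    if not addresses:
        return "no-answer"            # record missing on the DNS in use
    net = ipaddress.ip_network(lan_net)
    addrs = [ipaddress.ip_address(a) for a in addresses]
    inside = [a for a in addrs if a in net]
    if not inside:
        return "public-answer"        # client is sent to the WAN IP
    if len(inside) < len(addrs):
        return "mixed"                # internal and external records both served
    if all(str(a) == lan_ip for a in addrs):
        return "split-dns-ok"         # FQDN resolves to its LAN IP
    return "wrong-lan-host"           # LAN address, but not the server


def check(name=HOSTNAME, resolver=system_resolver):
    """Resolve name with the given resolver and return (verdict, addresses)."""
    try:
        addresses = resolver(name)
    except socket.gaierror:
        addresses = []
    return classify(addresses), addresses


if __name__ == "__main__":
    verdict, addresses = check()
    print(f"{HOSTNAME} -> {addresses or 'no A record'}: {verdict}")
```

A "mixed" or "public-answer" verdict on a client means that client is not using the DNS server that holds the internal A record.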