Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    redirect wan ip requests to lan ip address

    Scheduled Pinned Locked Moved General pfSense Questions
    8 Posts 4 Posters 762 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bmffsc
      last edited by

      Hi,

      is it possible to re-direct a request to WAN ip to LAN ip in Local Network?

      Scenario :
      --LAN client (192.168.1.101) trying to reach to 212.252.119.3 ports between 40110:40210
      --Forward 212.252.119.3-40110:40210 calls to 192.168.1.108-40110:40210

      1 Reply Last reply Reply Quote 0
      • J
        javier2020
        last edited by

        Hi @bmffsc

        You tried to create a NAT port forward rule on LAN interface. As seen in the image

        14889f3a-5e8a-4c04-8250-866771b466e9-image.png

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          What your asking for is just nat reflection... Why would you do that? Hit the local IP vs the wan IP..

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          B 1 Reply Last reply Reply Quote 0
          • B
            bmffsc @johnpoz
            last edited by

            @johnpoz we have an web based crm app which installed on our local web server but we are usually accessing through our WAN ip(because sales dept. uses it when they are out of the office and they are mostly out of the office), when they are at the office when we try to reach to app through our wan ip it works dead slow, we've talked with developers and they said when app installed they configured all parameters for wan ip and when we called from LAN ip it stills loading content from wan ip address, and if i somehow catch and forward wan ip calls to server's local ip it would fix the slowing issue.

            V 1 Reply Last reply Reply Quote 0
            • V
              viragomann @bmffsc
              last edited by

              @bmffsc
              So you might already have set a NAT port forwarding rule from the WAN IP to the local IP. Now follow @johnpoz suggestion and activate NAT reflection + proxy in that rule.

              1 Reply Last reply Reply Quote 0
              • johnpozJ
                johnpoz LAYER 8 Global Moderator
                last edited by johnpoz

                Are you saying this app is hard coded to your wan IP ie 1.2.3.4? Or does it connect to something.domain.tld which resolves to your wan IP?

                Setup a host override to resolve something.domain.tld to the local IP when they are internal - when they are out and about on the net it will resolve to your public IP

                If this app is hard coded your public IP, your doing it freaking WRONG!!!

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                B 1 Reply Last reply Reply Quote 0
                • B
                  bmffsc @johnpoz
                  last edited by bmffsc

                  @johnpoz we have one wan ip and ports are forwarded to this app's server, which is located in our office, for this web based app we are not using any domain, we are reaching through http://212.252.119.3:8092/OurApp/ (this is not our ip,i'm not sharing our ip due to security reasons). So developer said when they are installed they configured parameters/paths (css files,databases,php files etc.) as reacahable through 212.252.119.3 i know it's not a good way but the app was already there when i started to work this company, so when you call through http://192.168.1.88:80892/OurApp/ it works but due to path definitions it works dead slow because client calls the app from LAN but app goes to WAN and retrieving content from WAN,it creates a lot of un-necessary traffic,and the server is i3 pc with 16gb ram,this traffic kills the pc :),i've tried outbound-nat and LAN Firewall rules but honestly defining a NAT reflection as @javier2020 mentioned didn't come to my mind, i don't have remote access to the system for couple days but when i go back to office i'll try and will let you guys know if it'll work with that way.

                  1 Reply Last reply Reply Quote 0
                  • johnpozJ
                    johnpoz LAYER 8 Global Moderator
                    last edited by johnpoz

                    @bmffsc said in redirect wan ip requests to lan ip address:

                    reaching through http://212.252.119.3:8092/OurApp/

                    Horrible setup!

                    Use a fqdn that resolves to this IP.. Now outside users can get to it via http://something.domain.tld:8092/ourapp where that resolves to 212.x.x.x. your public IP.

                    And internally it resolves to 192.168.1.100 or whatever you local IP of that server is. So the same bookmark works be it they outside or inside.

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.8, 24.11

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.