NAT Forward LAN from HTTPS to 1443

Mat1987

Hi All

I am trying to forward HTTPS traffic from my local networks to 1442 i am running a NGINX reverse proxy which works fine externally but when i do internally whatever nat rules i set i have to add the port to the end of it.

Nat Rule
Interface LAN
Destination Address: dns.example.com which is forwarded to my NGINX Server
Dest. Ports 443 (HTTPS)
NAT Ports 1442

When i visit dns.exmaple.com i get an error. If i do dns.example.com:1442 it works.

I must have got something wrong with the rule but i have tried loads of different options and still the same.

Thanks

Mat

viragomann

@mat1987
Enable "NAT reflection + proxy" in that NAT rule.

Mat1987

@viragomann No difference

Mat1987

@viragomann

Because i have VPN setup etc i have NAT outbound set to manual. Do i need to add an outbound rule at all?

viragomann

@mat1987
I meant, enabling NAT reflection on the WAN NAT rule. Didn't notice, you did already add an additional rule to LAN. That is not needed.

Yes, it would also work with the LAN NAT rule (without reflection) + an outbound NAT rule translating the source IP into the pfsense LAN IP in packets destined to the proxy.
That is basically what NAT reflection does in the WAN rule, if enabled, but w/o displaying the additional rule on LAN.

Mat1987

@viragomann ok so delete the lan rule and on the wan rule just enable the nat refelction.

Ill try that then.

Mat