Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Redirect fqdn – possible?

    Scheduled Pinned Locked Moved NAT
    5 Posts 4 Posters 1.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      albevierhelixit.net
      last edited by

      So I don't think I can do what I want but I stated working with Aliases about ten hours ago and I'm just a bit brain dead. I think the answer revolves around whether or not an IP packet carries the FQDN or just the IP address and from that statement you can clearly see where my lack of knowledge lays.  (BTW, I've never used aliases before and they are really cool!)

      At any rate I want to RDP to multiple hosts behind the FW without the necessity of entering a different port for each of them.

      For example:
      Instead of using 1.mydomain.com:3390  2.mydomain.com:3391  3.mydomain.com:3392 to get to the hosts behind the FW, I'd like to access the hosts using just  1.mydomain.com  2.mydomain.com  3.mydomain.com

      Can't be done can it?

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        If you have different IP addresses for each host you want to reach, you can access them via FQDN and do not need different ports.
        But that has nothing to do with aliases. Aliases are just used by pfSense for simplifying rules. They cannot be used by an RDP client.

        For resolving FQDNs you have to use a DNS.

        If you want to RDP from WAN, I suggest to tunnel it over OpenVPN and use internal DNS for resolving host names.

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          to you host1.domedomain.com and host2.somedomain.com and host3.somedomain.com from the public internet you would have to have 3 different public IPs on your wan that you could forward port to rdp on your hosts behind the nat.

          As mentioned already by viragomann much easier to just vpn, then you can access anything you want on your lan using their host names that you resolve via dns.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • jahonixJ
            jahonix
            last edited by

            Do I remember it correctly that the HAProxy Package can be used for something like that?
            https://github.com/PiBa-NL/pfsense-haproxy-package-doc/wiki
            Or is it for http(s) traffic only?

            edit: it is for HTTP(s) traffic only. Sorry for the confusion.

            1 Reply Last reply Reply Quote 0
            • A
              albevierhelixit.net
              last edited by

              Thanks guys.

              I kinda figured that I was attempting something not doable. Kinda glad too, 'cause if it were possible I would have had to completely rethink what I think I know about IP.

              I hate to use up public IPs just so I can occasionally get to these hosts (rarely used management PCs) so I guess a VPN is the way I'll go. Thanks for the input.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.