Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    LAN-WAN-LAN NAT (Reflection)?

    Scheduled Pinned Locked Moved NAT
    6 Posts 3 Posters 5.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      MartinsLR
      last edited by

      Hello! I want to make such config.
      I have WAN IP 80.80.80.x and LAN IP 192.168.1.X, i want to make that if user open web browser and type 80.80.80.80:123 he is redirected to 192.168.1.34:123 or user write in browser just IP 80.80.80.80 and he is redirected to 192.168.1.155:443
      Can i do this with pfsense, must i use Reflection?

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        Can i do this with pfsense, must i use Reflection?

        It's a DNS issue, not a pfSense issue specifically.  Configure Split DNS and you're set.

        https://doc.pfsense.org/index.php/Why_can't_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

        1 Reply Last reply Reply Quote 0
        • M
          MartinsLR
          last edited by

          But if user just enter WAN IP 80.80.80.80:54821 how can i redirect him to 192.168.1.200:54821. How i understand in this case i must use Reflection, correct?

          1 Reply Last reply Reply Quote 0
          • K
            kpa
            last edited by

            Why would your users enter raw IP addresses instead of host names? Are you actively encouraging them to do that?

            1 Reply Last reply Reply Quote 0
            • M
              MartinsLR
              last edited by

              This is needed for programmers and test department for some reason.

              1 Reply Last reply Reply Quote 0
              • KOMK
                KOM
                last edited by

                The real solution is to modify your internal DNS so that the hostnames resolve to their private IP, then have them use hostname.  If they insist on using IP addresses then they can feel free to use the internal IP address.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.