Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Accessing services from within LAN

    Firewalling
    3
    4
    2519
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      akarim last edited by

      i am new to pfsense so please bear with me.

      we have setup a pfsense firewall with some NAT rules to allow incoming traffic to be forwarded to various hosts based on ports - i.e. traffic on WAN port 80 goes to 192.168.0.xxx, traffic on WAN port 22 goes to 192.168.0.yyy and so forth.

      this setup works fine if we try to access these services from outside our network. we can use ssh ourdomain.ca or http://ourdomain.ca and we see expected results.

      if we try to access them from within our network, for example by visiting http://ourdomain.ca, we get connection timeouts.

      we have not setup any LAN NAT rules - can this be the cause?

      any help appreciated.

      1 Reply Last reply Reply Quote 0
      • GruensFroeschli
        GruensFroeschli last edited by

        http://forum.pfsense.org/index.php/topic,7001.0.html

        We do what we must, because we can.

        Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

        1 Reply Last reply Reply Quote 0
        • A
          akarim last edited by

          this is what i was after. thanks for pointing that thread out to me. i am a bit of a network setup newbie, so i didn't even know to search for "nat reflection".

          thanks again.

          Disable NAT Reflection  = Disables the automatic creation of NAT redirect rules for access to your public IP addresses from within your internal networks. Note: Reflection only works on port forward type items and does not work for large ranges > 500 ports.

          1 Reply Last reply Reply Quote 0
          • T
            tsteil last edited by

            I was having this same problem and that fixed it for me as well.
            Now, I can connect to my WAN IP from within the LAN.

            Unfortunately, I'm getting a weird problem now where my SSH connection to my linux box (within the LAN) is closed after about 30 seconds when I connect to the WAN IP instead of the LAN IP.

            Just to be clear, I have pfSense setup as my home router. No complex setup or anything, just a WAN and a LAN. I have a linux box connected via ethernet and a laptop connected via wireless through an airport extreme router (in bridge mode). Everything seems to be working great except for this.

            I can SSH into my linux box using it's LAN IP and I stay connected just fine.
            If I SSH into my linux box using the WAN IP it closes the connection after about 30 seconds of inactivity.
            I have port forwarding and firewall rules setup to allow port 22 traffic into my linux box.

            Any ideas?

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy