Cannot go from LAN -> WAN IP of computer on our network



  • Hello, I'm a pfSense newbie and I have a peculiar issue.

    I have a computer I occasionally RDP into to do work. This computer is configured with a static IP on our LAN and with a static WAN IP, and is accessible from outside our network using a non-standard port.

    RDP from WAN -> computer on LAN works fine using the static WAN IP and non-standard port.

    RDP from LAN -> computer on LAN works, as long as I use the static LAN IP and port 3389.

    BUT

    RDP session from LAN -> static WAN IP fails, regardless of whether I use the non-standard port or 3389.

    In other words, if I'm working on another computer on the LAN, and I try to RDP to the above computer on our network using the static WAN IP and non-standard port, I am unable to connect.

    Why might this be? Can anyone help me get the firewall opened properly?





  • @KOM:

    Read this:

    https://doc.pfsense.org/index.php/Why_can't_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

    Protip: Use split DNS instead of NAT Reflection.

    On this new install of pfSense, DNS Resolver is being used instead of DNS Forwarder.

    I have checked the boxes for Enable DNS forwarder, Register DHCP leases in DNS forwarder, and Register DHCP static mappings in DNS forwarder.

    Under host overrides I have Host blank, Domain as the static WAN IP, IP as the static LAN IP, and then a description.

    Configured this way, I still can't get things working. Is it because of the non-standard port I'm using?

    Edit:

    I went and did it the non-recommended way (through Pure NAT reflection) and it works perfectly. However, I'd like to do it the "right way", so I'm willing to continue trying to puzzle through how to set up DNS Resolver properly.