LAN: Resolve DNS to internal web server?



  • I have a webserver being hosted inside my network. I would like my external domain name to resolve to the web server rather than my PFsense IP. Obviously, port forwarding handles this outside the LAN, but I would like to be able to use the domain to resolve to the server, rather than the internal IP.

    Is there any way to do this?



  • If I understand your question, yes there is.  It is called "split DNS".  Basically, add a host override in the DNS Resolver/Forwarder (whichever one you are using).

    This thread would probably be more at home in the DHCP/DNS forum.



  • I started down one road then re-read your question and thought maybe we should clarify what you're asking.  Are you asking how to put your webserver in a DMZ with a public IP, or are you trying to get both internal and external DNS resolution working for your webserver?


  • Rebel Alliance Global Moderator

    "but I would like to be able to use the domain to resolve to the server, rather than the internal IP. "

    Huh??

    If your webserver is behind pfsense on an rfc1918 address, and whatever public domain name resolves to your public pfsense IP (wan) and you want users outside to access it - then a simple port forward to your webserver's IP is all you need to do.

    If you want your users inside your network to access this server via some public fqdn, then put in a host override to point that fqdn to your server's private IP (rfc1918) address.



  • @johnpoz:

    "but I would like to be able to use the domain to resolve to the server, rather than the internal IP. "

    Huh??

    That's what confused me too.  So just made a guess at what it seemed likely was being asked and went with that.


  • Rebel Alliance Global Moderator

    Yeah not sure what he is asking to do?  Possible he has override already in place and wants to nat reflect? ;) heheeh



  • @johnpoz:

    Yeah not sure what he is asking to do?  Possible he has override already in place and wants to nat reflect? ;) heheeh

    LOL  Nah.  Sounded like NAT was already in place for external, it seemed like to me internal name resolution was desired to go directly to the server.



  • NOYB got it right. Essentially, I want to access my internal webserver from PCs inside the LAN via the domain. By default, my domain would resolve to the pfsense GUI, which confused the wife and kids.


  • Rebel Alliance Global Moderator

    Then, as stated a couple of times already, put in a host override for the fqdn you want to use to access your server and point it to the private IP of your server.