Problem with access to nat 1:1 server from internal LAN
-
I have pfsense version 2.3.3-RELEASE-p1 (amd64)
built on Thu Mar 09 07:17:41 CST 2017
FreeBSD 10.3-RELEASE-p17 as a virtual machine
(VMware ESXi 5.5.0) with 2 physical NICs (LAN and WAN).

I have a problem with access to the owncloud server (internal LAN virtual machine) by external IP (35.190.75.132) or DNS name
(cloud.mydomain.com) from the internal LAN at my work. I can access it only by the internal address 192.168.1.26. From outside everything works correctly.
I can ping and access the owncloud server over https and ssh at 35.190.75.132 and cloud.mydomain.com without any problems.

I have some additional IP addresses, for example:
35.190.75.131, 35.190.75.132, 35.190.75.133, etc.

192.168.1.1 is my LAN pfsense address (Interfaces -> LAN)
35.190.75.131 is my primary WAN address (Interfaces -> WAN)
35.190.75.132 is my external owncloud address (address added in Firewall -> Virtual IPs)

Type: IP Alias
Interface: WAN
Address type: Single address
Address(es): 35.190.75.132

In the Firewall -> NAT -> 1:1 menu I have this entry:
Disabled: not checked
No BINAT (NOT): not checked
Interface: WAN
External subnet IP: 35.190.75.132
Internal IP: Single host: 192.168.1.26
Destination: Any
NAT reflection: Use system default

In the Firewall -> Rules menu I have this rule:
Action: Pass
Disabled: not checked
Interface: WAN
Address family: IPv4
Protocol: Any
Source: Any
Destination: Single host or alias: 192.168.1.26

In the System -> Advanced -> Firewall & NAT menu I have:
NAT Reflection mode for port forwards: Pure NAT
Enable NAT Reflection for 1:1 NAT: checked
Enable automatic outbound NAT for Reflection: checked

I tried with the option Services -> DNS Forwarder:
Enable: checked
DHCP Registration: not checked
Static DHCP: not checked
Prefer DHCP: not checked
DNS Query Forwarding: not checked
Interfaces: LAN
Strict binding: checked

Host overrides -> Add:
Host: cloud
Domain: mydomain.com
IP Address: 192.168.1.26 or 35.190.75.132

Then I set on my Windows 10 test workstation:
Preferred DNS server: 192.168.1.1 (internal pfsense address).
But it still does not work.

I have an Active Directory server with DNS on the 192.168.1.20 address.
All computers have this address as primary DNS server.
I cannot set their DNS address to 192.168.1.1.

I read this article but it did not help me:
https://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks
Please help me! Thx :)
-
I have Active Directory server with DNS on 192.168.1.20 address.
All computers have this address as primary DNS server.
I can not set their DNS address as 192.168.1.1.

So add the external hostname of the owncloud server to this DNS with its internal IP and verify if your computers resolve it correctly (after flushing DNS cache!).
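
The DNS change suggested in the reply above, as an added example that is not part of the original posts: PowerShell for the AD DNS server at 192.168.1.20 that maps cloud.mydomain.com to the internal address 192.168.1.26 and then checks the answer. It assumes an elevated session with the DnsServer module; creating a zone for the single name when the server does not host mydomain.com is an assumption about this setup, not something the thread states.

```powershell
# Added example. Run elevated on the AD DNS server (192.168.1.20 in this thread).
# Names and addresses are the ones given in the posts above.
$HostName   = 'cloud'
$Domain     = 'mydomain.com'
$InternalIP = '192.168.1.26'
$DnsServer  = '192.168.1.20'
$Fqdn       = "$HostName.$Domain"

if (Get-DnsServerZone -Name $Domain -ErrorAction SilentlyContinue) {
    # The server already hosts the parent zone: add the host record there.
    $zone = $Domain
    $record = $HostName
} else {
    # Assumption: the parent zone lives elsewhere. Create a zone for this one
    # name only, so every other name under the domain still goes to forwarders.
    $zone = $Fqdn
    $record = '@'
    if (-not (Get-DnsServerZone -Name $zone -ErrorAction SilentlyContinue)) {
        Add-DnsServerPrimaryZone -Name $zone -ReplicationScope Domain
    }
}

# Add the A record unless one with the internal address already exists.
$existing = Get-DnsServerResourceRecord -ZoneName $zone -Name $record -RRType A `
    -ErrorAction SilentlyContinue
$match = $existing |
    Where-Object { $_.RecordData.IPv4Address.IPAddressToString -eq $InternalIP }
if (-not $match) {
    Add-DnsServerResourceRecordA -ZoneName $zone -Name $record -IPv4Address $InternalIP
}

# Verification (the same two commands work on any LAN client):
# flush the local resolver cache, then query the AD DNS server directly.
Clear-DnsClientCache
$answer = Resolve-DnsName -Name $Fqdn -Type A -Server $DnsServer -DnsOnly |
    Where-Object { $_.Type -eq 'A' }

if ($answer.IPAddress -contains $InternalIP) {
    Write-Output "$Fqdn resolves to $InternalIP on the LAN"
} else {
    Write-Warning "$Fqdn resolves to: $($answer.IPAddress -join ', ')"
}
```

With the name resolving to 192.168.1.26 inside the LAN, internal clients reach the server directly and no longer depend on NAT reflection for this host.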
-
Kazzuja, did you manage to resolve your issue?
Especially the part where you can ping the external IP…