Accessing hosted services from internal and from external

geminux

Hello everyone,

I have a small setup to host websites, mail, etc…

pfsense (2.3.4) with one WAN (static public ip) and one LAN
port forwarding (80+443) from wan to lan (pound server)
pound server which dispatch request to the right backend
a dns server on internet is resolving the hosted domains with the static wan address.

=> this is a pretty standard setup and everything is working well when someone tries to connect from external (internet)

Here is a diagram with an example for web connections : -> attachment: from_external.png

But when I want to access the same service from internal (lan), it no longer works. I guess that since connection come through LAN interface, it does not go through the port forwarding...

Here is a diagram of what does not work : -> attachment: from_internal.png

Does anyone know what I should do to make it work ?
Thanks !

viragomann

@geminux:

But when I want to access the same service from internal (lan), it no longer works. I guess that since connection come through LAN interface, it does not go through the port forwarding…

That's the point.

Use an internal DNS and set up a host override.
You may use DNS Resolver or DNS forwarder installed on pfSense found in Services menu.

You may also activate NAT reflection + proxy in the NAT rule to resolve this.