Domain name



  • Hi all,

    I need to have a domain name  (E.G - mydomain.uk) to be able to access a webserver behind my PFSense firewall.

    (www.mydomain.uk  –  EXT-63.21.91.64  --  INT-10.0.0.7)
    (www.mydomain.uk  --      straight to      --  INT-10.0.0.7)

    EDIT:--

    My apologies My team are not very user friendly!!.

    What I would like is the ability to have my domain name currently @ (names.co.uk) to be able to connect to a private web server behind my pfsense firewall.

    I have several domains and would like them to connect to several web servers behind my firewall all on different ports.

    Can any one assist me in completing this task?...    as the very brief description mentions above ... id like to enter  (Example.com and it patch through to my servers ip address.



  • Is this a crystal ball tournament or is a question missing in your post?



  • My apologies My team are not very user friendly!!.

    What I would like is the ability to have my domain name currently @ (names.co.uk) to be able to connect to a private web server behind my pfsense firewall.

    I have several domains and would like them to connect to several web servers behind my firewall all on different ports.

    Can any one assist me in completing this task?…    as the very brief description mentions above ... id like to enter  (Example.com and it patch through to my servers ip address.



  • You'll probably need a reverse proxy to connect from the outside if you only have one public IP (but we don't know that).
    Have a look at haproxy or squid packages.



  • @MrGamecase:

    … several web servers behind my firewall all on different ports.

    That's easy:

    That's what you wrote but I doubt it's what you want.

    BTW: what did you already try and what's not working?



  • @jahonix:

    @MrGamecase:

    … several web servers behind my firewall all on different ports.

    That's easy:

    That's what you wrote but I doubt it's what you want.

    BTW: what did you already try and what's not working?

    My pf box uses a custom port for the web ui.

    The team have changed the A & CNAME Record of the domain site to point towards my ip .. i have some hope as i can see my pfsense router but have this issue listed in the image.

    for now i'd like to just use one domain and one web server, i'd like the domain name to avoid showing my port number if possible.

    ![Screen Shot 2017-06-26 at 10.33.40 PM.png](/public/imported_attachments/1/Screen Shot 2017-06-26 at 10.33.40 PM.png)
    ![Screen Shot 2017-06-26 at 10.33.40 PM.png_thumb](/public/imported_attachments/1/Screen Shot 2017-06-26 at 10.33.40 PM.png_thumb)



  • You are forwarding to your pfSense and NOT your web server, where it detects a connection attempt from a different domain name. Hence it complains about a wrong host name queried, aka rebinding attack.
    Forward (port 80, 443 or what have you) to the web server IP.



  • @jahonix:

    You are forwarding to your pfSense and NOT your web server, where it detects a connection attempt from a different domain name. Hence it complains about a wrong host name queried, aka rebinding attack.
    Forward (port 80, 443 or what have you) to the web server IP.

    Jahonix i apologize you may have to eun mw through this … my team are struggling to accomplish this task...



  • @MrGamecase:

    … you may have to eun mw through this ...

    What?

    IF you have this port forward in place:  EXT-63.21.91.64 (http)  –  INT-10.0.0.7 (http)
    then 10.0.0.7 is your web server. Apparently you have the port forwarding to the IP of your pfSense which complains about it.



  • IF you have this port forward in place:  EXT-63.21.91.64 (http)  –  INT-10.0.0.7 (http)
    then 10.0.0.7 is your web server. Apparently you have the port forwarding to the IP of your pfSense which complains about it.

    Sorry we're only programing engineers … not network engineers... our boss and network guy are away on business and won't be returning for another 6 weeks...

    We have our web service port forwarded.. E.G - 243.564.234.23:20000 we can access this from outside our network now with no issue, we're struggling to make this accessible from our domain name.  can you do a runthrough please.