HTTPS requests are grabbed by pfSense web/management



  • Hi

    I have a DMZ from where we need to access ADFS (adfs.company.com). adfs.company.com is resolved to the public IP 1.2.3.4 of pfSense.

    When I access adfs.company.com from the DMZ, the web/management of pfSense (port 443) takes the request and asks me to log in to pfSense instead of sending the traffic to the external interface of pfSense.

    It seems like pfSense thinks "Hey, I own the 1.2.3.4 IP so I can answer the request on the DMZ interface"

    Is there any way around this without doing any DNS tricks?

    Thanks in advance



  • I'm assuming your ADFS server is inside your network and you're port forwarding the public IP (1.2.3.4) to your private IP on pfSense, so inside your network you see the pfSense portal.

    You can either set up an internal DNS server and give out the internal IP inside your network, or I would configure a 1:1 NAT, then under System / Advanced / Firewall & NAT tick the two boxes "Enable NAT Reflection for 1:1 NAT" and "Enable automatic outbound NAT for Reflection".

    Make sure when you create the 1:1 NAT you do "use system default" for the NAT reflection option.



  • Hi Jeff

    Thanks for the feedback, I will try it out and let you know the result :)

    Thanks again

