[Solved] DNS Resolver: Access forwarded ports on my WAN IP ?



  • Hey,

    I've had a problem where I can't access forwarded ports on my WAN IP from my LAN/OPTx networks.

    So finally I found the docs exactly about this, link below. But the best solution (method 2) doesn't work for me, or most likely I am doing something wrong.
    Method 1 works, and I am temporarily using it now, but it doesn't feel right.  ;D
    https://doc.pfsense.org/index.php/Why_can't_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

    I am using DNS Resolver, but I cannot get it to work following the guide in method 2. Probably because that is for DNS Forwarder but also an older version.

    On my server running the app I want to reach I have a reverse proxy that directs everything to port 443 to be encrypted and from one port only.

    I want to get "https://mydomain.example.com" to resolve with the local IP 192.168.1.8 using DNS Resolver on the LAN, how could I do this?

    Thanks in advance,
    Sincerely,
    ~TrueType


  • Banned

    Create a Host Override in the DNS Resolver settings, for your example use the following settings:

    Host: mydomain
    Domain: example.com
    IP Address: 192.168.1.8

    That's all and very easy as you can see.



  • @Grimson:

    Create a Host Override in the DNS Resolver settings, for your example use the following settings:

    Host: mydomain
    Domain: example.com
    IP Address: 192.168.1.8

    That's all and very easy as you can see.

    So I created a Host Override and that doesn't work for me… I also tried to add it in the Domain Overrides with still no success.
    Do I have to enable anything specific? See picture what I have enabled already.

    Thanks in advance

    ![dns resolver.PNG](/public/imported_attachments/1/dns resolver.PNG)


  • Banned

    First check that your clients are actually using the pfSense IP address as nameserver, try (following your example) "nslookup mydomain.example.com" on a LAN client. This should show you what DNS server is used and the IP it responds with.

    Domain Overrides are only useful if you have a dedicated DNS server (like bind) with a matching zone configuration for your domain on your LAN.

    On some clients, that also cache DNS requests, you might have to flush the cache or reboot the system.



  • @Grimson:

    First check that your clients are actually using the pfSense IP address as nameserver, try (following your example) "nslookup mydomain.example.com" on a LAN client. This should show you what DNS server is used and the IP it responds with.

    Domain Overrides are only useful if you have a dedicated DNS server (like bind) with a matching zone configuration for your domain on your LAN.

    On some clients, that also cache DNS requests, you might have to flush the cache or reboot the system.

    Sorry for late reply.

    I've checked nslookup on my domain and it gives back:

    Server:  mypfsense.local.domain
    Address:  192.168.1.1
    
    Name:    mydomain.example.com
    Address:  192.168.1.8
    

    How could I get started with bind?
    Can I flush the cache without rebooting?



  • @Grimson:

    First check that your clients are actually using the pfSense IP address as nameserver, try (following your example) "nslookup mydomain.example.com" on a LAN client. This should show you what DNS server is used and the IP it responds with.

    Domain Overrides are only useful if you have a dedicated DNS server (like bind) with a matching zone configuration for your domain on your LAN.

    On some clients, that also cache DNS requests, you might have to flush the cache or reboot the system.

    I tried now for the first time since I last posted, and you are right: everything needed was probably the DNS flush, which I supposed it would have done by itself since it's been some days.
    So it worked like a charm from start. Thanks! :)
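
The nslookup check suggested in the thread, as an added example that is not part of any post above: it parses nslookup output and reports whether the pfSense resolver answered and whether it served the Host Override address. The function names are hypothetical, and 192.168.1.1 as the pfSense LAN address is taken from the nslookup output quoted in the thread.

```python
import ipaddress

# Constructed sample: the nslookup output posted in the thread.
SAMPLE = """\
Server:  mypfsense.local.domain
Address:  192.168.1.1

Name:    mydomain.example.com
Address:  192.168.1.8
"""

def to_ip(token):
    """Return a normalised IP string, or None. Drops a trailing '#53' port."""
    try:
        return str(ipaddress.ip_address(token.split("#")[0]))
    except ValueError:
        return None

def parse_nslookup(text):
    """Return (resolver_ip, [answer_ips]) from Windows- or Unix-style output."""
    resolver, answers, in_answer = None, [], False
    for raw in text.splitlines():
        label, _, value = raw.strip().partition(":")
        if label == "Name":
            in_answer = True              # addresses after this line are answers
        elif label in ("Address", "Addresses"):
            ip = to_ip(value.strip())
            if ip and in_answer:
                answers.append(ip)
            elif ip and resolver is None:
                resolver = ip             # first address block is the server queried
        elif in_answer and to_ip(raw.strip()):
            answers.append(to_ip(raw.strip()))  # continuation line of "Addresses:"
    return resolver, answers

def diagnose(text, expected_resolver, override_ip):
    resolver, answers = parse_nslookup(text)
    if resolver != expected_resolver:
        return "wrong-resolver"       # client is not asking pfSense at all
    if override_ip not in answers:
        return "override-not-served"  # pfSense answered, but not with the override
    # nslookup sends its own query to the server it prints, so a correct answer
    # here says nothing about what the OS or browser still has cached.
    return "resolver-ok"

if __name__ == "__main__":
    print(diagnose(SAMPLE, "192.168.1.1", "192.168.1.8"))
```

A `resolver-ok` result while the browser still reaches the WAN address matches the situation in the thread, where the fix was flushing the client's DNS cache.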

