Reaching webserver in DMZ on domain name

  • Hi Guys,

    I am new with Firewalls and network. So i am learning with this.
    This question must be asked before but i could not find a solutions. Have tried to resolve this issue for hours… and i am giving up.. Hope someone can help me.

    I have PFsense configured with a WAN, LAN and DMZ. I created a webserver in DMZ with (i have a bought domainname for this). From this outside this works fine with http and https. The problem is that i cannot reach the webserver on, but only with IP of the DMZ server....

    I tried some things with DNS forwarder and resolver. But with no success.

    I realy hope some one can help me and sorry if i placed this at the wrong topic did not know for sure.


  • LAYER 8 Global Moderator

    setup host override to  point to your rfc1918 address of your webserver in the dmz.. Done.

  • That is not working….

    When i created that rule i get a PfSense web page with the error:

    Potential DNS Rebind attack detected, see
    Try accessing the router by IP address instead of by hostname.

    A frend did some config changes and created a rule that ALL the traffic was forward to

    So forwarded to forwarded to

  • LAYER 8 Global Moderator

    Its a simple host override..

    your server sits on, create a host override either in the resolver or the forwarder which ever your using.. To point your fqdn to

    There is no rebind attack in this scenario… There would be for sure if your public dns is pointing to a rfc1918 address?  Did you try and do that on your public dns?  Host override is done on pfsense.  So clients using pfsense get this answer.. Clients on the public internet would get whatever your public IP is for your pfsense wan address and be forwarded in.

Log in to reply