Netgate Discussion Forum

    NAT: 1 WAN:PORT to 1 LAN:Different LAN IPs:PORT (common Port/service)

      DemoNIck

      I am running the latest pfSense with 1 WAN interface and 1 LAN interface serving a local LAN subnet.

      I have several domains (A records to external DNS) that resolve to my static WAN IP.

      Allow me to set with an example what is the situation and what I would like to achieve:
      STATIC WAN IP: 1.2.3.4
      domain 1: www.example.com -> 1.2.3.4 (A record)
      domain 2: www.example.org -> 1.2.3.4 (A record)
      domain 3: mail.example.com -> 1.2.3.4 (A+MX record)
      domain 4: webmail.example.com -> 1.2.3.4 (A record)

      I am running a web server on my local IP 10.0.0.1. With the use of web server's virtual hosts, I can access the different pages of domain1 and domain2 from outside using NAT/Port Forwarding from 1.2.3.4:{80,443}->10.0.0.1:{80,443}

      I am running a mail server (domain3) on my local IP 10.0.0.2. With NAT/Port forwarding I can send/receive emails, i.e.: 1.2.3.4:{25,587,993}->10.0.0.2:{25,587,993} etc.
      I am also running a web server for a web mail client access, for domain3, on the same local IP 10.0.0.2 listening on the default ports {80,443}.

      Now, when I access www.example.com and/or www.example.org, on the default ports {80,443}, I am forwarded to 10.0.0.1 and serve the appropriate content for each domain.

      Is there a way, when I access webmail.example.com, on the default ports {80,443}, to be forwarded to IP 10.0.0.2 ?

      Please forgive me if this is not a NAT topic, or maybe not even a pfSense topic. If this is the case, I would appreciate it if you could point me in the right direction.

      PS
      Just to mention, I know that:
      a. I could run the web client on the existing web server on 10.0.0.1 and yes, problem solved.
      b. I could access the web client for my mail server from a different port. i.e. webmail.example.com:5580 with NAT/Port forwarding WAN:5580 -> 10.0.0.2:80

      Thank you in advance for your time.

      Hide, they will recognise you soon…

        chpalmer

        In your case I'd either..

        Get a second static IP address and use 1:1 NAT on each static to each LAN address..

        Set up port forwarding in favor of 1:1 NAT and use another port for your mail service..    domain 4: webmail.example.com:88 -> 1.2.3.4 (A record) as an example..

        Move the mail server service to the webserver, which is what I've done in a couple of cases.

        If you're running multiple pages on your webserver I assume you're running something like Apache with virtual hosts enabled..

        Triggering snowflakes one by one..
        Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.