NAT: 1 WAN:PORT to 1 LAN:Different LAN IPs:PORT (common Port/service)
-
I am running the latest pfSense with 1 WAN interface and 1 LAN interface serving a local LAN subnet.
I have several domains (A records to external DNS) that resolves to my static WAN IP.
Allow me to set with an example what is the situation and what I would like to achieve:
STATIC WAN IP: 1.2.3.4
domain 1: www.example.com -> 1.2.3.4 (A record)
domain 2: www.example.org -> 1.2.3.4 (A record)
domain 3: mail.example.com -> 1.2.3.4 (A+MX record)
domain 4: webmail.example.com -> 1.2.3.4 (A record)I am running a web server on my local IP 10.0.0.1. With the use of web server's virtual hosts, I can access the different pages of domain1 and domain2 from outside using NAT/Port Forwarding from 1.2.3.4:{80,443}->10.0.0.1:{80,443}
I am running a mail server(domain3) on my local IP 10.0.0.2. With NAT/Port forwarding I can send/receive emails. i.e.: 1.2.3.4:{25,587,993)->10.0.0.2:{25,587,993) etc
I am also running a web server for a web mail client access, for domain3, on the same local IP 10.0.0.2 listening on the default ports {80,443}.Now, when I access www.example.com and/or www.example.org, on the default ports {80,443}, I am forwarded to 10.0.0.1 and serve the appropriate content for each domain.
Is there a way, when I access webmail.example.com, on the default ports {80,443}, to be forwarded to IP 10.0.0.2 ?
Please forgive me if this is not a NAT topic, or maybe not even a pfSense topic. If this is the case, I would appreciated if you could point me to the right direction.
PS
Just to mention, I know that:
a. I could run the web client on the existing web server on 10.0.0.1 and yes, problem solved.
b. I could access the web client for my mail server from a different port. i.e. webmail.example.com:5580 with NAT/Port forwarding WAN:5580 -> 10.0.0.2:80Thank you in advance for your time.
-
In your case Id either..
Get a second static IP address and use 1:1 NAT on each static to each LAN address..
Set up port forwarding in favor of 1:1 NAT and use another port for your mail service.. domain 4: webmail.example.com:88 -> 1.2.3.4 (A record) as an example..
Move the mail server service to the webserver which is what Ive done in a couple of cases.
If your running multiple pages on your webserver I assume your running something like Apache with virtual hosts enabled..
