NAT: 1 WAN:PORT to 1 LAN:Different LAN IPs:PORT (common Port/service)

  • I am running the latest pfSense with 1 WAN interface and 1 LAN interface serving a local LAN subnet.

    I have several domains (A records to external DNS) that resolves to my static WAN IP.

    Allow me to set with an example what is the situation and what I would like to achieve:
    domain 1: -> (A record)
    domain 2: -> (A record)
    domain 3: -> (A+MX record)
    domain 4: -> (A record)

    I am running a web server on my local IP With the use of web server's virtual hosts, I can access the different pages of domain1 and domain2 from outside using NAT/Port Forwarding from{80,443}->{80,443}

    I am running a mail server(domain3) on my local IP With NAT/Port forwarding I can send/receive emails. i.e.:{25,587,993)->{25,587,993) etc
    I am also running a web server for a web mail client access, for domain3, on the same local IP listening on the default ports {80,443}.

    Now, when I access and/or, on the default ports {80,443}, I am forwarded to and serve the appropriate content for each domain.

    Is there a way, when I access, on the default ports {80,443}, to be forwarded to IP ?

    Please forgive me if this is not a NAT topic, or maybe not even a pfSense topic. If this is the case, I would appreciated if you could point me to the right direction.

    Just to mention, I know that:
    a. I could run the web client on the existing web server on and yes, problem solved.
    b. I could access the web client for my mail server from a different port. i.e. with NAT/Port forwarding WAN:5580 ->

    Thank you in advance for your time.

  • In your case Id either..

    Get a second static IP address and use 1:1 NAT on each static to each LAN address..

    Set up port forwarding in favor of 1:1 NAT and use another port for your mail service..    domain 4: -> (A record) as an example..

    Move the mail server service to the webserver which is what Ive done in a couple of cases.

    If your running multiple pages on your webserver I assume your running something like Apache with virtual hosts enabled..

Log in to reply