Proxy APR and NAT redirection within the same vlan and IP subnet

robcmk22

Hi all,

I am really struggling to resolve an issue I have with my PFsense 2.4.2 installation.  I have a service (well a collection of services that are all accessed using one name) that I want to be able to access internally and externally.  I have configured the appropriate split DNS so that externally it resolves to one of my WAN IPs and internally it resolves to a Proxy ARP IP I have assigned to the same network as my clients.  The external natting (port mapping) works just fine, but I cannot get the internet equivalent to work.

To illustrate the issue.

[client] –----------------------------------------[pfsense FW]–---------------------------------------[internet]
192.168.1.10                                            192.168.1.254 (DG)                                            public ips
                                                                192.168.1.100 (Proxy ARP / NAT redirection) –----[internal service ip]
                                                                                                                                          192.168.1.20

What I would like to happen is that when I browse to the internal dns name & port from a client pc, it resolves to the proxy arp address, the traffic hits the firewall and is then redirected to the actual service IP and port on the same network as the client.

from a dns perspective… something like this https://myserviceproxyarp.local:4443 ---> myservicereal.local:443

Any hints or tips on whether this is possible and if so what I can do to make it work would be really great!

Many thanks

Rob

johnpoz

why would you client not just go to https://myservicereal.local