Forward server names on 1 IP so i can access my servers



  • hi so there has to be away
    i can do it on the network i figured out but i cant seem to get it to work from remote locations connecting to my wan
    so i have 4 servers
    3 WHS (windows Home Servers)  1 Freenas

    so  i use dyns… and  i have basically like example.mine.nu  as my dyns domain

    so i wanna be able to do... 
    Remote Desktop whs1.example.mine.nu  default port
    remote desktop  whs2.example.mine.nu  default port
    and so on.. but i cant get pfesnse to allow this...  or  even whs1.mine.nu
    or access the Freenas website

    i wanna be able to FTP on port 21  on any of these 4 servers  so its just simple  that it does like name forwarding to the proper computer

    now there has to be away  since servers do this like    x.microsoft.com  where the X is another computer name.. so there has to be away of doing it

    as i tired of setting 3 different ports for Remote Desktop to port forward..

    can anyone help..



  • and i got it to work on the local network like  rdp whs1.example.mine.nu  using the dns resolver  but i cant get it from a remote location

    as eventually i wanna setup a replicator server at my sisters house for our data  and i wanna be able to RDP  from either location  on the different servers etc


  • LAYER 8 Global Moderator

    How many public IPs do you have?  If you only have 1 then to forward based on name you would have to use a reverse proxy.  Pfsense doesn't understand what NAME you used to get to its IP, it just just sees SYN on the port your going to..

    If you want to forward to say 192.168.1.100 when you use whs1.whatever.tld and 192.168.1.102 when you use whs2.whatever.tld and both of these public resolvable names resolve to your public IP 1.2.3.4 then your going to need a reverse proxy running on pfsense that will see the fqdn you hit and send it to the appropriate IP.

    On a side note… Why would you not just create a site to site vpn between your locations and then you could use whatever names you want and get to whatever you wanted without having to do any sort of port forwarding or natting.  And you wouldn't be exposing stuff like RDP to the public internet, etc.

    Also who still uses windows home server still?  Take it your using the 2011 version which didn't mainline support end on that back in 2016?



  • ok  i didn't see reverse proxy..  is that an add on for pfesense

    ya i only have One IP for my dsl connection  so i wanna route and then split to the servers as i just tired of the rdp  sever:3389 or 3390 or whatever

    as for vpn  i played with my asus router  and my desktop computer  it connects to my router my LAN router  but  i loose internet  as soon as the vpn is setup  so i know little about vpns.. and i always see go buy a VPN  so I'm confused all about it

    and as for the WHS  ya its old the 4 bay slide out drives computers came with WHS 2003  i had upgraded to 2011…  and  there hasn't been a sever since then  it does what i need it to do  holds my documents music media etc... i liked 2003  when you can link all the drives and its one Drive letter for my plex media sever...  but 2011 i could strip the raid.... and  the Freenas  on my other computer i kinda like but making it a replicated sever is crap  cuz u loose the rights  on the replicated side.. so i haven't found something better to upgrade too..  what are your suggestions

    and this vpn on  as i loose internet.. as id also like it say on my laptop  and if I'm at a buddies house i could access it

    i remember 18 yrs ago i dunno how i did it    but you know  like  \freenas  or whatever \server  you could access your network files    i did in past \10.14.3.2\files    so say that was my IP address of my home network  i could do that from a computer from my friends house.. i not sure how it work and i never replicated it again since then 
    but ill also look this up reverse proxy..



  • i tried googling the reverse proxy got a bit confused  maybe you have a good write up or a video  how to set this up easily.. 
    i figured  just a check box and the name of the computer and boom i done lol



  • so i googled and i found setting up this squid reverse proxy.  is that only good it seems for HTTP or HTTPS  but no other ports..

    and  i find  the firewall slows the internet down  or so  pfsense router not as fast as my asus router…

    but ill keep fiddling and this vpn


  • LAYER 8 Global Moderator

    "and this vpn on  as i loose internet"

    Huh???  No you don't - I access my home network from my phone even, from work… I can be anywhere and access anything on my home network.

    Sorry but I would never in a million years open up rdp to the public internet..  If you need to access your network while remote then VPN in.  If you need to share resources between locations - then create a site to site vpn between them.

    Simple setup and you could vpn into either location and access the other location, etc.

    As to the feature of drive extender in WHS.. I believe that was the name stable bit drive pool is the shit that is for sure.  Can not say enough good things about that software.. It was one of the few things that kept me running windows as my storage OS.... I have recently moved away from it and gone with a synology nas, just running SHR for storage.. Bigger fan of how you can do it with stablebit and just ping folders or files to have multiple copies on disks in your pool, etc. etc..

    But I just bought some new 4TB disks and created an SHR array and forget about it..  With something like a synology nas running DSM.. a lot of your problems of replication of data between locations and remote access could be taken care of as well.

    But it really is clickity clickity to create a remote access vpn with pfsense, and a site to site to your other location, etc.



  • ah ok.. so
    1.. what is good about running pfsense if its clickity.. i guess its difficult to setup..  i only looking into as facebook forums for the IT guys talk about this great program pfsense  so i figured i try it..  i find it a lot hard then my asus router..  wish it had this Reverse Proxy i having issues trying to get it to work  this Squid.. i did what i seen in video.  didn't work out.
    and now I'm locked out of the Gui…  so I'm frustrated.. i can ping the 192.168.0.1  but i can no longer access the damn page

    ..as for the vpn  what i did was i setup on the Asus router there vpn server.. and on my desktop  i setup the client.. as soon as vpn connects it shuts off the internet.. apparently when i google it its a common issue you loose the dns  i guess i forget.. but you loose internet... when you disconnect the VPN  client on the windows desktop  internet is restored.. i got fed up with it and quit on that..

    i kinda like Freenas but the replicating is sucking balls.. when you loose all the rights.. and with Windows  it was just easy to use the home server i just put some big hard drives in and i can copy and i don't need to do anything..

    i looked at these synogys and Qnap.. so they much better..?  and do any of them modify raid what i mean is.  does any you start off with 1 hard drive  and then when you get say 3 more  that you can set it to stripe and mirror the data  or do you gotta loose everything on the first drive just to mirror and stripe as id like to be able to add more hard drives later time  and raid it as i go  without having to re do the raid..

    and i like the idea the replicating is easier on the synogy  is there one you recommend

    and i found another program  smoothwall  is it any good or is pfsense better..
    but i wish there was better step by step  for pfsense..  but ill look up vpn again..

    just wish things were plug and play  lol  not soo complicated

    and is there  a way to get the gui back  I'm locked out of the damn webpage  least internet still working lol


  • LAYER 8 Global Moderator

    No idea what you did with the proxy… But sure it could block you out of the gui if you misconfigure it, etc.

    I would suggest you just start over..

    I am not going to even dignify your smooth question an answer - really your going to ask such a thing on the pfsense forums.. Really ;)

    Lets go over this again - Setup your vpn!  You should not expose any of this to the public internet!!!  You do not need a proxy or a reverse proxy once you have vpn up and running.  Which is really click click - buy the pfsense book if you want some detailed doc.

    As to nas.. All comes down to what you need they have many different models.  All run the same software...  I have a ds918+ but there are smaller and larger models.



  • only reason i asked about the smooth one.. as it came up in the search for setting up  reverse proxy on  pfsense.. and trying to follow the Arabic setup i guess it is for squid reverse proxy  hard to follow when half is in English and half is not.. lol

    which link would you recommend for this..

    and as for the VPN a good link too… as when i set it up in windows 10 to connect to the local LAN router my asus  as a VPN server.. it locks out the internet  then when you google it you gotta modify it  as it looses the dns or something  tried it and i failed lol..

    and i just wished the router offered  this reverse vpn..  like i know i host websites  but  i do that on my 1 computer  i port forward 80  and windows home sever has  i guess SVR Records i guess called so i can say website A  goes to  www.mine.example.com    website B  goes to  www.hello.example.com  because  windows server offers that and all the websites are on that one computer..

    but ok ill refactory reset the router... that sucks  u can easily block out the router by mistake..

    as for the synogy ill look it up

    what i want is a media server  and that it replicates to 2 other locations.. 
    since hard drives cost a lot since id like a 10TB or 12TB drive  since you never actually get 10TB  out of a 10TB drive  i wanted big  or smaller  but what i wanna do is start off with 1 hard drive.. then when i can afford more i shove a new one in.. and the software automatically changes the drives to Raid 10 i think it is strip and data  without having to do this at the beginning  be able to do this as you go when you can afford more hard drives and shove them in the slots.. 
    as  like with my asus boards  you gotta do the Raid  first and then everything gets deleted  same with the windows

    not sure with Freenas as i had 2 old 2.5TB drives kicking around so i added them to test with..  so i stripped the data to incrase the volume size..

    but id like to have 3 locations  one in my basement  1 in my shop incase of fire and one at my sisters house 2 hour drive away..
    i want to connect securely  to them all... i want each one to update themselves  so if i add a file to Sever1...  Sever 2 and 3  get it...  or if i add a file to Server 3... Server 1 and 2 get that file..
    frig id even use a synogy  if it can replicated  to my 2 ACER 4 bay home severs  and i use them as a back up just to back up

    and i guess synogy  doesn't offer software  to use on  currenty home server networks

    and  with VPN  with the pfsense.. i read that vpns mask  your web traffic what you go searching for but that's only on the client computer... the  but the vpn server would know..    like  say  vpn  is at my sisters house  i connect to that computer  vpn server and i search for naughty videos  well  her ISP  would know her computer is getting naughty videos.....  it may not know my computer watching it.. but isn't her ISP  then seeing smutt being downloaed to her internet connection..  or downloading games movies or whatever..  as i hear great deal  of this vpn  stuff.. but isn't the vpn server itself  has  all that logged?

    but for now ill reset the pfsense and reload the squid stuff.. and get back online and any proper videos to link for this be good.. as i did youtube a bunch i just wanted a good step by step video..

    thanks for your input so far


  • LAYER 8 Global Moderator

    "u can easily block out the router by mistake..  "

    No it is next to impossible to do such a thing has basic understanding of these concepts.  I mean just plain impossible!!!

    I suggested you start over because that is the fastest solution to the problem.  You gave ZERO info to what you did or didn't do with your proxy, etc.  Had you changed ports, did you somehow just turn off dhcp?  Have no idea what you could of done.. So vs going through the almost infinite stupid shit I have seen people do trying to help you.

    Just start over is much easier!

    "and  with VPN  with the pfsense.. i read that vpns mask  your web traffic what you go searching for but that's only on the client computer.."

    HUH???  Yeah start over I have no idea where your getting your info from… Setup a site to site vpn between your location and this other location..  That has NOTHING to do with some vpn service to mask your IP from some website..

    https://doc.pfsense.org/index.php/OpenVPN_Remote_Access_Server
    https://doc.pfsense.org/index.php/OpenVPN_Site_To_Site



  • well i can see my dyslexia sucks  since you didn't understand what i mean

    ok..
    1.. i followed this video to setup  your squid reverse proxy
    Youtube Video

    2.u can easily block out the router by mistake" what i mean is  it seems to be easily locked out after i followed this video above to his steps.. i was then locked out of the GUI  even when i rebooted the pfsense  and also did the restart  gui  from the console..

    3.  ya i have already  did the Factory reset  and then 2 squid things are already still installed.. it shows they both can be updated but they wont update after it does the updating  even after a reboot.. so not sure  why it says there are updates when  i updated them..  but ill worry about that later

    4.  the part about the VPN masking.. what i was told  is so your Internet service provder.. cant see what your doing.. likes stealing music  tv shows.. Watching Netflix  from other countries that's illegal.. watching porn..  letting google know what your searching etc….. so your internet service provider cant keep logs on what your searching on your home computer..  is the purpose of the vpn  i have read

    now my question was  if  i have a VPN server at home..  or say at my sisters house  2 hours away...  how do you prevent mine  or her Internet provider from not seeing what your doing on the internet.. like they say VPNs will block so they cant see what your doing
    or can this only be done with paid VPNs like the expresvpn

    as i don't wanna people to know my credit card transactions and other reason you need  a Paid VPN Service  so your ISP can never see what your doing

    but ok ill check out your documents

    thanks so far

    sorry dyslexia  things sound ok in my head but i guess i not explaining right  sorry for any future issues too



  • and i guessing paid vpn service is different from  vpn site to site


  • Banned

    @comet424:

    now my question was  if  i have a VPN server at home..  or say at my sisters house  2 hours away…  how do you prevent mine  or her Internet provider from not seeing what your doing on the internet.. like they say VPNs will block so they cant see what your doing
    or can this only be done with paid VPNs like the expresvpn

    as i don't wanna people to know my credit card transactions and other reason you need  a Paid VPN Service  so your ISP can never see what your doing

    So you don't trust your local ISP, but you are willing to trust some random VPN provider on the internet.  :o


  • LAYER 8 Global Moderator

    A vpn service to stop the black helicopters has zero to do with a site to site vpn so you can securely access stuff at your sisters house.

    Why don't you pick one thing and work with that..

    if you want to remote into your network while outside - remote access server setup.  Openvpn, click click done.

    You want to access stuff on your sisters network securely.  Site 2 Site vpn - click click done.

    So vpn service to stop your isp from knowing what p0rn sites you visit has zero to do with any of that.



  • ah ok i figured one thing could do it all..

    and my question was  i was trying to understand

    if you are bit torrenting they say don't let your ISP know buy a VPN

    but doesn't that VPN service you pay for know what your doing.. isn't that just like a ISP

    reason i was asking is if i used VPN Server on her computer from my house    her ISP  would know what I'm bit torrenting and think it was her connection..

    i dunno i was just inquiring  i not worried not doing anything illegal  it was just a question as i see pop ups on facebook etc that you need a VPN to hide you etc..

    but ill worry about the site to site and try that … i do appreciate all the help so far.. most appreciative


  • LAYER 8 Global Moderator

    "don't let your ISP know buy a VPN "

    Yeah lots of people say this - especially the guys selling vpns ;) heheeheh

    Its got to be one of the most hyped up buzz words currently.. Next to dns leak - both of which I am just sick of hearing to be honest.. Idiots don't have a clue how dns works at all - but now they are freaking out they might have a dns leak… Oh my gawd, my isp might know I did a query for pfsense.org.... And wtf they know I go to amazon.com and facebook --- F'ing Bastards spying on me ;)


  • Banned

    @johnpoz:

    Its got to be one of the most hyped up buzz words currently.. Next to dns leak - both of which I am just sick of hearing to be honest.. Idiots don't have a clue how dns works at all - but now they are freaking out they might have a dns leak… Oh my gawd, my isp might know I did a query for pfsense.org.... And wtf they know I go to amazon.com and facebook --- F'ing Bastards spying on me ;)

    Let's create a new one, call it "Internet access leak" meaning every site you visit knows you have internet access. We then offer a paid service where we sent screenshots of internet sites per mail, to prevent that leak.  ;D


  • LAYER 8 Netgate

    @johnpoz:

    "don't let your ISP know buy a VPN "

    Yeah lots of people say this - especially the guys selling vpns ;) heheeheh

    Its got to be one of the most hyped up buzz words currently.. Next to dns leak - both of which I am just sick of hearing to be honest.. Idiots don't have a clue how dns works at all - but now they are freaking out they might have a dns leak… Oh my gawd, my isp might know I did a query for pfsense.org.... And wtf they know I go to amazon.com and facebook --- F'ing Bastards spying on me ;)

    Yeah there is more to it than that though. There are methods I do not fully understand that content providers are using DNS to geolocate.

    Watched one guy try to get a baseball game and couldn't due to regional blackout then switched to some DNS spoofer (no VPN or anything, just new DNS servers.) I said "it's not going to work" then it god damn worked like a charm. All season. I can't remember the name of the service but it's what they do.

    So there is more to it than rampant, unjustified paranoia.


Log in to reply