4. Problem with NAT port web server. Please help me!!!

Problem with NAT port web server. Please help me!!!

  • M

    Hello,
    I used pfsense 2.3.5. I setup pfsense on PC with 5 Lan card.
    I setup 3 WAN ppoe on pfsense.
    wan1: 100Mb with 1 public IP
    Wan2: 60Mb
    Wan3: 75Mb witch 1 public IP
    I loadbalance 3 wan.
    Internal network I have 2 subnet.
    1 subnet for LAN (172.16.0.0/16)
    1 subnet for wifi (172.15.0.0/16)
    I have 1 web server in LAN (IP web server: 172.16.254.3)
    I want to public web server by NAT port forarding. I NAT via Wan1.
    when I NAT web server, user outside access my website is ok.
    But, user inside not ok. when I access my website in internal network, My website redirect to WebGUI pfsense.
    I can not access to my website.
    Please help me.
    Thanks

    0

  • Either enable a NAT Reflection mode or configure split DNS to resolve its domain to is LAN IP address.

    https://doc.pfsense.org/index.php/Why_can't_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

    0
  • M

    thanks so much for your reply.
    It is ok

    0
  • M

    Sorry, let me ask you the question the other day
    I used pfsense 2.3.5. I setup pfsense on PC with 5 Lan card.
    I setup 3 WAN ppoe on pfsense.
    wan1: 100Mb with 1 public IP
    Wan2: 60Mb
    Wan3: 75Mb witch 1 public IP
    I loadbalance 3 wan.
    Internal network I have 2 subnet.
    1 subnet for LAN (172.16.0.0/16)
    1 subnet for WIFI (172.15.0.0/16)
    I have 1 web server in LAN (IP web server: 172.16.254.3)
    I want to public web server by NAT port forarding. I NAT via Wan1.
    when I NAT web server, user outside access my website is ok.
    But, user inside not ok. when I access my website in internal network, My website redirect to WebGUI pfsense.
    I can not access to my website.

    Then I followed this direction:
    Either enable a NAT Reflection mode or configure split DNS to resolve its domain to is LAN IP address.

    https://doc.pfsense.org/index.php/Why_can't_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

    I check that ok
    But today I found out that

    It's only ok when I access my website by WIFI interface.
    When I access my website by LAN interface not ok.

    WIFI interface: 172.15.0.0/16
    LAN interface: 172.16.0.0/16
    Local IP my website: 172.16.254.3

    Please help me.

    0
  • Rebel Alliance Global Moderator

    1 subnet for LAN (172.16.0.0/16)
    1 subnet for WIFI (172.15.0.0/16)

    Why would you use such large masks??  Makes no sense to use such a large mask that includes 65K possible address.  Do you have that many hosts that might connect to those networks?

    0
  • M

    Thanks you.
    everything was ok when I switch to mode NAT + Proxy
    Originally I chose the mode Pure NAT

    Thank so much

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy