4. Problem with NAT port web server. Please help me!!!

Problem with NAT port web server. Please help me!!!

  • M

    Hello,
    I used pfsense 2.3.5. I setup pfsense on PC with 5 Lan card.
    I setup 3 WAN ppoe on pfsense.
    wan1: 100Mb with 1 public IP
    Wan2: 60Mb
    Wan3: 75Mb witch 1 public IP
    I loadbalance 3 wan.
    Internal network I have 2 subnet.
    1 subnet for LAN (172.16.0.0/16)
    1 subnet for wifi (172.15.0.0/16)
    I have 1 web server in LAN (IP web server: 172.16.254.3)
    I want to public web server by NAT port forarding. I NAT via Wan1.
    when I NAT web server, user outside access my website is ok.
    But, user inside not ok. when I access my website in internal network, My website redirect to WebGUI pfsense.
    I can not access to my website.
    Please help me.
    Thanks

    0

  • Either enable a NAT Reflection mode or configure split DNS to resolve its domain to is LAN IP address.

    https://doc.pfsense.org/index.php/Why_can't_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

    0
  • M

    thanks so much for your reply.
    It is ok

    0
  • M

    Sorry, let me ask you the question the other day
    I used pfsense 2.3.5. I setup pfsense on PC with 5 Lan card.
    I setup 3 WAN ppoe on pfsense.
    wan1: 100Mb with 1 public IP
    Wan2: 60Mb
    Wan3: 75Mb witch 1 public IP
    I loadbalance 3 wan.
    Internal network I have 2 subnet.
    1 subnet for LAN (172.16.0.0/16)
    1 subnet for WIFI (172.15.0.0/16)
    I have 1 web server in LAN (IP web server: 172.16.254.3)
    I want to public web server by NAT port forarding. I NAT via Wan1.
    when I NAT web server, user outside access my website is ok.
    But, user inside not ok. when I access my website in internal network, My website redirect to WebGUI pfsense.
    I can not access to my website.

    Then I followed this direction:
    Either enable a NAT Reflection mode or configure split DNS to resolve its domain to is LAN IP address.

    https://doc.pfsense.org/index.php/Why_can't_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

    I check that ok
    But today I found out that

    It's only ok when I access my website by WIFI interface.
    When I access my website by LAN interface not ok.

    WIFI interface: 172.15.0.0/16
    LAN interface: 172.16.0.0/16
    Local IP my website: 172.16.254.3

    Please help me.

    0
  • LAYER 8 Global Moderator

    1 subnet for LAN (172.16.0.0/16)
    1 subnet for WIFI (172.15.0.0/16)

    Why would you use such large masks??  Makes no sense to use such a large mask that includes 65K possible address.  Do you have that many hosts that might connect to those networks?

    0
  • M

    Thanks you.
    everything was ok when I switch to mode NAT + Proxy
    Originally I chose the mode Pure NAT

    Thank so much

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy