LAN to DMZ via WAN

    I have just replaced 2 IPcops with a single 4 zone pfSense box with LAN, DMZ, WAN1 & WAN2

    Advanced Outbound NAT is enabled and all outbound traffic goes out via WAN1, but we route a few selected ports out through WAN2.
    We have a web server in the DMZ that hosts some staging sites for several public domains (using a private IP range with NAT). All of the domains resolve to the public IP on the WAN1 interface and I have set up port forwarding to the server in the DMZ.

    This works perfectly for all domains externally; however, when we visit one of the websites from our LAN we cannot access the site (which resolves to the public IP on the WAN1 IFace). We can access the web server via the private IP on the DMZ, but all of the host headers do not work on the sites.

    Is it possible to route from the LAN to the DMZ through the WAN IP address? We were able to do this with the IPcops.



    Hint: split dns

  • Spent 3 hours searching. Obviously the wrong terms.

    Enabling NAT Reflection seems to have done the trick so far!


