Netgate Discussion Forum

    Access to DMZ from LAN through external interface (WAN)

    General pfSense Questions
    • llandry

      OK, not sure exactly where this fits in or even if it's a pfSense question but here goes…

      I have a pfSense firewall with 3 interfaces: WAN, LAN and DMZ.

      The DMZ contains my Apache httpd server farm, the LAN, my tomcats and database servers...  The application running on the TCs needs to access a dtd that is located on the Apache farm in the form of a call to "www.domainname.com/dtd/2.0/filename.dtd"

      The dtd file is readily accessible from anywhere on the net, EXCEPT, any of the servers on the LAN.... The domain resolves to the correct external IP, but I always get a 404 as a response... There are no traces of the request for the file on the http servers, nothing in access_log or error_log.

      Any clue  ???

      Thanks in advance..

      L2

      • Bern

        Are you using NAT, and if so, have you got NAT reflection turned on?

        Sounds like your tomcats are resolving to the external IP address and trying to connect on external_ip:80, which probably won't work without NAT reflection.

        • llandry

          Thanks for the quick reply Bern,

          Yes indeed, my TCs are trying to access external_ip:80… that's exactly what my problem is. I'll have a look at NAT reflection.

          Thanks

          L2
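
The behaviour diagnosed in Bern's reply above, as an added example that is not part of the original thread and not pfSense's own rule engine: a simplified model in which a port forward only matches packets arriving on the interface it is bound to. All addresses, names and the `with_reflection` helper are constructed assumptions.

```python
from dataclasses import dataclass, replace
from ipaddress import ip_address, ip_network

# Constructed addressing (documentation ranges), not taken from the thread.
NETWORKS = {"LAN": ip_network("192.168.1.0/24"), "DMZ": ip_network("192.168.2.0/24")}
WAN_IP, WEB_SERVER, TOMCAT = "203.0.113.10", "192.168.2.10", "192.168.1.20"

@dataclass(frozen=True)
class PortForward:
    interface: str   # ingress interface the rule is bound to
    dst_ip: str      # address the client connects to
    dst_port: int
    target_ip: str   # internal server that receives the connection
    target_port: int

def ingress_interface(src_ip):
    """Interface a packet arrives on: the matching internal subnet, else WAN."""
    addr = ip_address(src_ip)
    for name, net in NETWORKS.items():
        if addr in net:
            return name
    return "WAN"

def deliver(src_ip, dst_ip, dst_port, rules):
    """Return the (ip, port) that finally receives the connection."""
    iface = ingress_interface(src_ip)
    for r in rules:
        if (r.interface, r.dst_ip, r.dst_port) == (iface, dst_ip, dst_port):
            return (r.target_ip, r.target_port)   # destination rewritten
    return (dst_ip, dst_port)                     # no match: left untranslated

def with_reflection(rules):
    """Model NAT reflection: repeat each WAN port forward on every internal interface."""
    extra = [replace(r, interface=i) for r in rules if r.interface == "WAN" for i in NETWORKS]
    return rules + extra

RULES = [PortForward("WAN", WAN_IP, 80, WEB_SERVER, 80)]

def demo():
    return {
        "internet client": deliver("198.51.100.7", WAN_IP, 80, RULES),
        "tomcat, no reflection": deliver(TOMCAT, WAN_IP, 80, RULES),
        "tomcat, reflection": deliver(TOMCAT, WAN_IP, 80, with_reflection(RULES)),
    }

if __name__ == "__main__":
    for case, dest in demo().items():
        print(f"{case:24} -> {dest[0]}:{dest[1]}")
```

In the no-reflection case the destination stays the firewall's own WAN address, so the web servers in the DMZ never receive the request, which is consistent with the empty access_log and error_log described in the question.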

          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.