4. Access to DMZ from LAN through external interface (WAN)

Access to DMZ from LAN through external interface (WAN)

  • L

    OK, not sure exactly where this fits in or even if it's a pfSense question but here goes…

    I have a pfSense firewall with 3 interfaces, WAN, LAN and DMZ..

    The DMZ contains my Apache httpd server farm, the LAN, my tomcats and database servers...  The application running on the TCs needs to access a dtd that is located on the Apache farm in the form of a call to "www.domainname.com/dtd/2.0/filename.dtd"

    The dtd file is readily accessible from anywhere on the net, EXCEPT, any of the servers on the LAN.... The domain resolves to the correct external IP, but I always get a 404 as a response... There are no traces of the request for the file on the http servers, nothing in access_log or error_log.

    Any clue  ???

    Thanks in advance..

    L2

    0
  • B

    Are you using NAT, and if so, have you got NAT reflection turned on?

    Sounds like your tomcats are resolving to the external IP address and trying to connect on external_ip:80, which probably won't work without NAT reflection.

    0
  • L

    Thanks for the quick reply Bern,

    Yes indeed, my TCs are trying to access external_ip:80… that's exaclty what my problem is. I'll have a look at NAT reflection

    Thanks

    L2

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy