Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Error when accessing website from within network

    Scheduled Pinned Locked Moved General pfSense Questions
    11 Posts 5 Posters 932 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kdmiller61
      last edited by

      This is a great product, I have it installed and working, I am able to access my websites from the Internet, but when I try to access them from the intranet I getting the following error

      What Have I got misconfigured please and the steps to correct the configuration

      Potential DNS Rebind attack detected, see http://en.wikipedia.org/wiki/DNS_rebinding
      Try accessing the router by IP address instead of by hostname.

      1 Reply Last reply Reply Quote 0
      • chpalmerC
        chpalmer
        last edited by

        Are you actually using TNSR? Or pfSense??

        Triggering snowflakes one by one..
        Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

        K 1 Reply Last reply Reply Quote 0
        • S
          SteveITS Galactic Empire
          last edited by

          Do you have NAT reflection enabled? Sounds like you're connecting to the pfSense GUI.

          Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
          When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
          Upvote ๐Ÿ‘ helpful posts!

          K 1 Reply Last reply Reply Quote 0
          • K
            kdmiller61 @chpalmer
            last edited by

            @chpalmer As far as I know the application says PfSense, not sure what TNSR stands for

            Thank

            Keith

            1 Reply Last reply Reply Quote 0
            • K
              kdmiller61 @SteveITS
              last edited by

              @teamits No I do not, I believe, but will check when I get home. I am going to be purchasing a book covering PfSense do you have any suggestions of Authors

              Mastering pfSense: Manage, secure, and monitor your on-premise and cloud network with pfSense 2.4, 2nd Edition
              by David Zientara | May 9, 2018

              thanks Keith

              P.S. if you have step by step instruction that would be VERY Much appreciated

              1 Reply Last reply Reply Quote 0
              • S
                SteveITS Galactic Empire
                last edited by

                try this book :)
                https://docs.netgate.com/pfsense/en/latest/book/nat/nat-reflection.html

                Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                Upvote ๐Ÿ‘ helpful posts!

                1 Reply Last reply Reply Quote 1
                • K
                  kdmiller61
                  last edited by

                  I there a checklist type document that says under this situation you should use this type of NAT Reflection option

                  Keep in mind, this is nothing I perceive as being fancy a home network with a Dell R610 running ProxMox and vm's are a webserver, mail server (Zimbra) and a IRC server (Ircd), No domain server at home, just using Cox Business account DNS servers.

                  1 Reply Last reply Reply Quote 0
                  • S
                    SteveITS Galactic Empire
                    last edited by

                    NAT reflection is used when one is trying to access the WAN IP from the LAN network. Reflection tells the router to reflect the request to the LAN IP. The other option is "split DNS" where your LAN resolves the hostname in question to a LAN IP and bypasses the router.

                    Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                    When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
                    Upvote ๐Ÿ‘ helpful posts!

                    1 Reply Last reply Reply Quote 0
                    • chpalmerC
                      chpalmer
                      last edited by chpalmer

                      This is in the TNSR forum thread section. Better to move it to the pfSense general questions.

                      https://forum.netgate.com/category/38/general-pfsense-questions

                      Triggering snowflakes one by one..
                      Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

                      1 Reply Last reply Reply Quote 0
                      • johnpozJ
                        johnpoz LAYER 8 Global Moderator
                        last edited by

                        @kdmiller61 said in Error when accessing website from within network:

                        under this situation you should use this type of NAT Reflection option

                        I would say NEVER, I would never suggest you ever use nat reflection - the only time it might be "required" is if the stupid app is hard coded to an IP.. Better to fix the APP.. hard coding of an IP is never a good idea..

                        The better solution would be to have your local dns resolve the local IP via fqdn of the resource your trying to access, vs hitting your wan IP just to be reflected back in.

                        btw - also moved this to general, since its clear this is not TNSR..

                        An intelligent man is sometimes forced to be drunk to spend time with his fools
                        If you get confused: Listen to the Music Play
                        Please don't Chat/PM me for help, unless mod related
                        SG-4860 24.11 | Lab VMs 2.8, 24.11

                        1 Reply Last reply Reply Quote 0
                        • stephenw10S
                          stephenw10 Netgate Administrator
                          last edited by

                          Yup split DNS is a better solution here.

                          https://docs.netgate.com/pfsense/en/latest/nat/accessing-port-forwards-from-local-networks.html

                          Steve

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.