Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    multiple hosts single WAN address

    Scheduled Pinned Locked Moved NAT
    5 Posts 2 Posters 433 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      marmar_75
      last edited by

      I want to be able to have multiple DNS entries, which point to my single WAN address, to map to IP's behind NAT (potentially with different ports).

      So, for instance, I might have Bob.go for a root domain, pointed to my WAN IP on PFSense; I want to create See.Bob.Go and point it to the same IP address as Bob.go, but I want See.Bob.Go to go via NAT to, let's say, 192.168.5.7 and Look.Bob.Go to map to 192.168.5.9.

      Can this be done with PFSense?

      V 1 Reply Last reply Reply Quote 0
      • V
        viragomann @marmar_75
        last edited by

        @marmar_75
        pfSense works on Layer 3 by default and so it cannot separate host names.

        But you can install the haproxy package, wihch is capable to direct web traffic to different IPs based on host names.

        M 1 Reply Last reply Reply Quote 0
        • M
          marmar_75 @viragomann
          last edited by

          @viragomann said in multiple hosts single WAN address:

          But you can install the haproxy package, wihch is capable to direct web traffic to different IPs based on host names.

          Aha. This may be the thread I'm hoping for :) Would the proxy impact my other traffic?

          V 1 Reply Last reply Reply Quote 0
          • V
            viragomann @marmar_75
            last edited by

            @marmar_75 said in multiple hosts single WAN address:

            Would the proxy impact my other traffic

            haproxy does exactly what you tell him to do.

            Assuming your stated domains are for webservers, you have to configure haproxy to listen on ports 80 and 443 (with SSL offloading), so each packet coming in at these ports is passing haproxy, but it doesn't impact any other traffic on other ports.

            https://docs.netgate.com/pfsense/en/latest/packages/haproxy.html

            M 1 Reply Last reply Reply Quote 0
            • M
              marmar_75 @viragomann
              last edited by

              @viragomann I'll play with it and see what we can do with it. Thank you :)

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.