Accessing servers behind firewall



  • I am using dyndns.org to keep track of my dynamic IP address (of my home modem) and update a domain name mydomain.dyndns.org

    What I would like to do is set something up so that I could access my servers not by port number (as in prt forwarding), but by domain names.

    So  serverA.mysite.dyndns.org points to server A on my LAN
    and serverB.mysite.dyndns.org points to server B on my LAN.

    How do I set this up?



  • For some protocols (eg HTTP) you can do this with a proxy. For other protocols it's not possible.



  • You're aware that wildcard support in DynDNS now requires the (paid for) DynDNS Pro?

    Otherwise, as ktims said, you need an application protocol for which the client passes the hostname it is connecting to, and then use a proxy.



  • @Cry:

    You're aware that wildcard support in DynDNS now requires the (paid for) DynDNS Pro?

    I do have a Pro account.

    How does that help me?



  • It doesn't, beyond allowing you to use wildcards.



  • Is this a limitation of pfsense, or the fact that I don't have a DNS server running?
    Would setting up a DNS server on my LAN allow me to get the results I am looking for?



  • @ktims:

    For some protocols (eg HTTP) you can do this with a proxy. For other protocols it's not possible.

    How you resolve the hostnames is unimportant.  If you have a single IP then you can only do (as has already been said multiple times) it with a protocol that supports it.



  • With a standard pfSense you won't be able to do it.

    If both websites are on the same physical server, running under the control of a single web server (eg. Apache), then virtual host configuration will be able to handle it.

    If you have physically different servers (eg. 192.168.1.2 and 192.168.1.3), then you will have to set up some kind of proxying facility. You can use a third box (ugh), or install something like ffproxy, varnish, or mod_proxy on Apache on one of the servers.

    If you go for the second option (recommended) then you'll forward all incoming HTTP requests to this box and the proxy will have to analyse the "Host" header on the incoming HTTP requests and route it to the relevant web server.


Log in to reply