Help with NAT port forward
-
Hi guys
This question might have been asked before, and it might be a simple question as well, but I've looked everywhere and tried YouTube as well. I'm trying to change my DNS use the port number at the end of it, but I'm struggling to get it working. Does anyone know how I can achieve this? For example: if my DNS is firewall.pfsense.com:8444, I want it to be firewall.pfsense.com without the port number at the end. Can someone please assist on how I can achieve this without messing up the webConfigurator and having to roll back the changes?
-
@zari90
Any TCP packet is addressed to a certain port.
You can omit it in the browser's address line though, but the browser appends it automatically then. If your schema is http, the browser sends the packet to port 80, if it's https to 443. So you will have to use one of these two if you don't want to enter it. To use an encrypted connection you need to use 443.
However, if your pfSense is listening on 443 it cannot forward this port from the same destination IP at the same time. So you cannot run a webserver behind it.
Maybe you want to consider running HAProxy on pfSense. With this you can have multiple domains listening on a single port and get requests forwarded to the backend servers.
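The HAProxy approach suggested above, sketched as a raw haproxy.cfg (an added example, not part of the original post and not the configuration the pfSense package generates). It assumes the webConfigurator stays on port 8444 as in the question; the listen address, LAN subnet, second hostname, backend IP and certificate paths are constructed placeholders.

```haproxy
# Constructed example: every address and path except firewall.pfsense.com
# and port 8444 is a placeholder.
defaults
    mode http
    timeout connect 5s
    timeout client  30s
    timeout server  30s

# One listener on the default HTTPS port, so no port is needed in the URL.
frontend https_in
    bind 192.0.2.1:443 ssl crt /path/to/acme-certs/
    # Route by the Host header the browser sends.
    acl host_fw  hdr(host) -i firewall.pfsense.com
    acl host_nas hdr(host) -i truenas.example.com
    use_backend pfsense_gui if host_fw
    use_backend truenas     if host_nas
    # No default_backend: requests for unknown hostnames get a 503.

# Plain HTTP is only redirected to HTTPS.
# Requires that nothing else on the firewall is bound to port 80.
frontend http_in
    bind 192.0.2.1:80
    http-request redirect scheme https code 301

# webConfigurator, still listening on its non-default port.
backend pfsense_gui
    # Keep the admin GUI reachable from the LAN only (placeholder subnet).
    http-request deny unless { src 192.168.1.0/24 }
    server gui 127.0.0.1:8444 ssl verify required ca-file /path/to/ca.pem verifyhost firewall.pfsense.com

# Second service behind the same port 443.
backend truenas
    server nas 192.0.2.10:443 ssl verify required ca-file /path/to/ca.pem verifyhost truenas.example.com
```

With this layout the browser connects to 443 by default and HAProxy hands the request to port 8444 internally, so the address bar shows only the hostname.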
-
Hi Viragomann,
So, full disclosure: I installed ACME and have a cert, then I changed the port on pfSense under Advanced => TCP port, then went to the DNS resolver and used the ACME cert for DNS records and added the DNS name to the IP to resolve the IP to the DNS name. Now when I type in the IP or DNS it adds the port at the back, so I'm trying to remove that port number so it just shows the DNS. I have HAProxy working with TrueNAS SCALE and also a DNS record to resolve the IP, but this too adds the port number at the end. Is there a way I can use the DNS without the port number? A setting in HAProxy maybe, to redirect etc.?