Multiwan + no web server access from LAN
-
Hi all,
hope you can help me because I freak out on my problem.I have to 2 WAN connections.
WAN1 has a static IP address (x.x.x.x)
WAN2 has a dynamic IP address (y.y.y.y)From WAN1 I have a port forwards to a internal server S1 to ports 8020 and 8383, the S1 communicate over the same IP out like the WAN1. If now I try to access the Web server over the ports from a external IP address like form my UMTS CARD I can access the Webpage perfect (http://x.x.x.x:8383).
But if I try to access the IP address from internal LAN with x.x.x.x:8383 I get every time in firefox this message:
–--------------------------------------------
Secure Connection FailedAn error occurred during a connection to x.x.x.x:8383.
SSL received a record that exceeded the maximum permissible length.
(Error code: ssl_error_rx_record_too_long)
* The page you are trying to view can not be shown because the authenticity of the received data could not be verified.* Please contact the web site owners to inform them of this problem. Alternatively, use the command found in the help menu to report this broken site.
What I really not understand why it works from a external IP address perfect and from a internal not. >:(
What can be happen ???Hope really that someone can help out on this problem.
Best PD
-
Try enabling NAT reflection.
-
Try enabling NAT reflection.
Thanks for the hint. In my settings I have "Disable NAT Reflection" not activated.
Same Problem.
-
Is NAT reflection specifically enabled on your port forward rule?
-
Is NAT reflection specifically enabled on your port forward rule?
Wow, never see this option, I using Version 1.2.3. Maybe your picture is from the version 2.0.
How I can this also in Version 2.0?
Thanks Boolah.
PD
-
You're right - that screen shot was from 2.0. In 1.2.3, I think you'll need to recreate the forward after you change the NAT reflection setting on the advanced options page. It's been a while since I ran 1.2.3…
-
You're right - that screen shot was from 2.0. In 1.2.3, I think you'll need to recreate the forward after you change the NAT reflection setting on the advanced options page. It's been a while since I ran 1.2.3…
Hi,
I delete first all rules. Wait around 10min and recreate all rules. But I get the same error again.
Attached my FW Rule and NAT Rule.Have anyone some more hints how to fix it ???
![Screenshot - 24.08.2010 , 09_22_22.png](/public/imported_attachments/1/Screenshot - 24.08.2010 , 09_22_22.png)
![Screenshot - 24.08.2010 , 09_22_22.png_thumb](/public/imported_attachments/1/Screenshot - 24.08.2010 , 09_22_22.png_thumb)
-
Now I found the problem why the NAT is not working and I think it is a Bug in the pfSense 1.2.3.
It looks like that the "NAT Port Forward" have got problems with "Aliases" type "PORTS"
I create a Alias with 2 Ports (80, 443) type "Ports(s). I use this in my Alias in my Port Forward rule.After I try to get on the external IP over a internal Network, it doesn't work.
Now I split the Port Forward rule into to rules without a alias and use for the one rule the port 80
and for the other one 443. And now BINGO, it works, I can access a Webpage from the internal
network to the external address what is a port forward to our internal network.Now I test this on a another pfSense installation that we have in a another location and I can
reproduce the problem on that one too.So it looks like the version 1.2.3 have the bug with PORT ALIASES.
Hope this can help other users now.
Best,
PD