Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can't get to anything behind FW from behind FW

    Scheduled Pinned Locked Moved Firewalling
    3 Posts 3 Posters 1.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B Offline
      banditti
      last edited by

      Not sure where to post this.  Here is my scenario.

      I have a PF that is doing NAT  (public IP to private)

      If I am on the LAN side of the PF, I can't get to any of the routable IP's of machines behind the PF.

      ie.,  www.acme.com is a web server I have behind the PF.  If I am on any machine behind the PF, I can't get to www.acme.com

      I have tried multiple DNS servers and no go.

      Thoughts?

      1 Reply Last reply Reply Quote 0
      • J Offline
        Jahntassa
        last edited by

        You need to use Split DNS by using the DNS Forwarder in pfsense. That way machines on your network get the local IP rather than the external IP.

        By default NAT reflection is disabled. Which is another way of 'fixing' your issue, but I find it doesn't work very well when enabled.

        1 Reply Last reply Reply Quote 0
        • GruensFroeschliG Offline
          GruensFroeschli
          last edited by

          http://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks%3F

          We do what we must, because we can.

          Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.