Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Resolve WAN domain from LAN (webserver)

    Scheduled Pinned Locked Moved NAT
    11 Posts 5 Posters 7.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      greeeg
      last edited by

      daniel.t3dev1.cross-agency.ch

      I'm a new user in PFSENSE. I decided to install it after reader good reviews and I wanted a BSD based firewall, so…

      After installing PFSENSE, we have an external IP on WAN interface and 10.0.1.x subnet on LAN interface.
      PFSENSE LAN IP : 10.0.1.1
      What I configured :

      • Add a port forwarding for port 80 to LAN webserver (suppose 10.0.1.100)
      • PFSENSE automatically added a firewall rule for port 80
      • Configure DDNS (xxx.dyndns.org)
      • Allow DNS server overridden for DHCP clients

      From outside, URL xxx.dyndns.org displays my webpage, hosted on 10.0.1.100.
      From inside (LAN) xxx.dyndns.org displays PFSENSE webadmin page. http://10.0.1.100 displays 10.0.1.100 webpage.

      I read some doc but I cannot find something that works for me. If I disable "nat reflexion"... that works BUT I can no longer access to PFSENSE webadmin !!! Even 10.0.1.1 redirect me to 10.0.1.100 webpage...
      Do you have an idea ?

      Thanks a lot.

      1 Reply Last reply Reply Quote 0
      • Cry HavokC
        Cry Havok
        last edited by

        Change the port that the pfSense web interface uses (or simply switch it to HTTPS) and then disable NAT reflection.

        1 Reply Last reply Reply Quote 0
        • G
          greeeg
          last edited by

          @Cry:

          Change the port that the pfSense web interface uses (or simply switch it to HTTPS) and then disable NAT reflection.

          Well, thank you for your answer. I found time to try this, but it does not work.
          I check this : Disables the automatic creation of NAT redirect rules for access to your public IP addresses from within your internal networks. Note: Reflection only works on port forward type items and does not work for large ranges > 500 ports
          I move pfsense webadmin to https.

          A nslookup to xxx.dyndns.org gives my wan IP : ok.
          But xxx.dyndns.org in my browser gives a timeout.

          From a LAN client, I try this :
          curl -Iv http://xxx.dyndns.org

          • About to connect() to xxx.dyndns.org port 80 (#0)
            *  Trying xxx.xxx.109.180… Operation timed out
          • couldn't connect to host
          • Closing connection #0
            curl: (7) couldn't connect to host

          Any ideas ?

          1 Reply Last reply Reply Quote 0
          • Cry HavokC
            Cry Havok
            last edited by

            Try re-enabling NAT reflection.

            1 Reply Last reply Reply Quote 0
            • G
              greeeg
              last edited by

              @Cry:

              Try re-enabling NAT reflection.

              Still not working…

              1 Reply Last reply Reply Quote 0
              • S
                Supermule Banned
                last edited by

                Which version??

                1 Reply Last reply Reply Quote 0
                • G
                  greeeg
                  last edited by

                  @Supermule:

                  Which version??

                  1.2.3

                  1 Reply Last reply Reply Quote 0
                  • S
                    Supermule Banned
                    last edited by

                    Are you on the 10.1.x.x LAN yourself??? or are you still at 192.168.x.x??

                    1 Reply Last reply Reply Quote 0
                    • G
                      greeeg
                      last edited by

                      @Supermule:

                      Are you on the 10.1.x.x LAN yourself??? or are you still at 192.168.x.x??

                      I'm 10.0.1.x (pfsense lan is 10.0.1.1).

                      1 Reply Last reply Reply Quote 0
                      • I
                        irongete
                        last edited by

                        Hi greeeg!

                        I'm having the same problem as you, from outside I can see my website but from inside Im being redirected to the pfSense web admin.

                        Did you find a solution to that problem?

                        Thanks!

                        1 Reply Last reply Reply Quote 0
                        • P
                          pcbosrders
                          last edited by

                          sorry if this is sovled
                          but have you checked it sounds like you have to servers listening on port 80
                          set one server to :8080 it should work
                          i found that which ever server is in the nat list first becomes default if there is a conflict
                          just a suggestion from trial and errror

                          don't fix it, if ain't broken !!!

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.