Resolve WAN domain from LAN (webserver)
-
daniel.t3dev1.cross-agency.ch
I'm a new user in PFSENSE. I decided to install it after reader good reviews and I wanted a BSD based firewall, so…
After installing PFSENSE, we have an external IP on WAN interface and 10.0.1.x subnet on LAN interface.
PFSENSE LAN IP : 10.0.1.1
What I configured :- Add a port forwarding for port 80 to LAN webserver (suppose 10.0.1.100)
- PFSENSE automatically added a firewall rule for port 80
- Configure DDNS (xxx.dyndns.org)
- Allow DNS server overridden for DHCP clients
From outside, URL xxx.dyndns.org displays my webpage, hosted on 10.0.1.100.
From inside (LAN) xxx.dyndns.org displays PFSENSE webadmin page. http://10.0.1.100 displays 10.0.1.100 webpage.I read some doc but I cannot find something that works for me. If I disable "nat reflexion"... that works BUT I can no longer access to PFSENSE webadmin !!! Even 10.0.1.1 redirect me to 10.0.1.100 webpage...
Do you have an idea ?Thanks a lot.
-
Change the port that the pfSense web interface uses (or simply switch it to HTTPS) and then disable NAT reflection.
-
@Cry:
Change the port that the pfSense web interface uses (or simply switch it to HTTPS) and then disable NAT reflection.
Well, thank you for your answer. I found time to try this, but it does not work.
I check this : Disables the automatic creation of NAT redirect rules for access to your public IP addresses from within your internal networks. Note: Reflection only works on port forward type items and does not work for large ranges > 500 ports
I move pfsense webadmin to https.A nslookup to xxx.dyndns.org gives my wan IP : ok.
But xxx.dyndns.org in my browser gives a timeout.From a LAN client, I try this :
curl -Iv http://xxx.dyndns.org- About to connect() to xxx.dyndns.org port 80 (#0)
* Trying xxx.xxx.109.180… Operation timed out - couldn't connect to host
- Closing connection #0
curl: (7) couldn't connect to host
Any ideas ?
- About to connect() to xxx.dyndns.org port 80 (#0)
-
Try re-enabling NAT reflection.
-
@Cry:
Try re-enabling NAT reflection.
Still not working…
-
Which version??
-
-
Are you on the 10.1.x.x LAN yourself??? or are you still at 192.168.x.x??
-
Are you on the 10.1.x.x LAN yourself??? or are you still at 192.168.x.x??
I'm 10.0.1.x (pfsense lan is 10.0.1.1).
-
Hi greeeg!
I'm having the same problem as you, from outside I can see my website but from inside Im being redirected to the pfSense web admin.
Did you find a solution to that problem?
Thanks!
-
sorry if this is sovled
but have you checked it sounds like you have to servers listening on port 80
set one server to :8080 it should work
i found that which ever server is in the nat list first becomes default if there is a conflict
just a suggestion from trial and errror