    I need to reach the internal mail server (Kerio) from my LAN through its public IP (I need to set up an iPhone). From outside, using the public IP or mail.hostname.com (which obviously resolves to the static IP) just works fine, but from inside my LAN, if I type the public IP, I get the pfSense web access login mask. I then tried to enable NAT reflection, but suddenly HTTP navigation got disabled. Every HTTP request pointed to the webmail login page of my mail server. The only way to access my pfSense was via the local console.
    Which other solution do you see? I'm trying with DNS split but it doesn't seem to work at all!
  • You also need/should move the port of the webinterface of the pfSense to a different port.

    How did you configure your split-dns? (screenshots)

  • Solved! I forgot to flag "Register DHCP leases in DNS forwarder" and "Register DHCP static mapping in DNS forwarder".

    I was about to say that… In 1.2.3 this causes no issues on port 80. It is also solved in the Jan 18 snapshot, if I recall correctly.