DNS problems, proably easy fix.



  • I will explain my setup as best as possible, if I forget something ask me.

    Behind my pfsense box is a LAN switch 192.168.1.10 - 192.168.1.25, I run dyndns, the address is example.dyndns.org, this points straight to my pfsense box, so I can remotely log in which is nice when I am at work and get a idea. Also behind the pfsense is a webserver I am still setting up, it is Ubuntu server, with EHCP installed on it ( which is a whole other forum of problems ) I am only able to log onto the server locally via 192.168.1.22, I would like to be able to get it accessible from outside my network, using dyndns.org possibly same address example.dyndns.org.

    Is it possible to get pfsense admin page  to be on https://example.dyndns.org and have my webserver on http://example.dyndns.org.. Note I said HTTPS for pfsense and HTTP for webserver. This is the only way I can think of doing this is to use the same dyndns account, I know what I am missing is right in front of me, I just cant figure it out.

    Thank you in advance for your help.

    P.S example.dyndns.org is not my real address.. :)



  • Set up port forward on WAN (Firewall -> NAT, click on Port Forward tab) so http traffic (port 80) goes to your Ubuntu server.

    Choose https access to the web configurator (System -> Advanced, click on Admin Access) rather than http.



  • I tried that, and everytime I try to access my webserver via http:// it redirects me to https://



  • I presume these access attempts don't come in on the WAN interface (e.g. an attempt from your LAN) hence don't match the port forward rule (which will only match connection attempts arriving on the WAN interface).

    If you are using the pfSense DNS forwarder you could add a name entry for example.dyndns.org to map to your Ubuntu server.

    You should test your access from the internet by initiating the connection from somewhere on the Internet, not from somewhere on your LAN.



  • Ok, I am reinstalling the server as I think it is a server configuration problem right now, Once I RDP'd into a remote location it would just time out trying to access the address example.dyndns.org, so It is  trying to see it, but my server is not accepting connections I think.



  • You could use packet capture on pfSense or tcpdump shell command on pfSense or the server to check your access attempt is being sent to the server or arriving at the server.



  • OK, so it appears it might be my settings in my rules, Just to be sure, the ip address that my server is currently on is 192.168.1.22 so I go to NAT under firewall, and select WAN for interface, tcp/udp for protocol, wan for destination, port range is http 80, and target ip is 192.168.1.22. It also made rules automatically after completing this. My settings that are incorrect must be here.



  • and as well on packet capture, nothing was showing for my servers activity. So I suppose this tells me that it is not sending or receiving anything, but from my server I can ping google.



  • @virtualliquid:

    OK, so it appears it might be my settings in my rules, Just to be sure, the ip address that my server is currently on is 192.168.1.22 so I go to NAT under firewall, and select WAN for interface, tcp/udp for protocol, wan for destination, port range is http 80,

    DESTINATION port is 80? (not SOURCE port 80?)

    @virtualliquid:

    and as well on packet capture, nothing was showing for my servers activity. So I suppose this tells me that it is not sending or receiving anything, but from my server I can ping google.

    Did you reset firewall states after establishing port forward rule?  (See note on Diagnostics > States, click on Reset States tab).

    Did you see your access attempt logged in the firewall log (Status -> System Logs, click on Firewall tab)?

    Perhaps you didn't set up packet capture correctly?  Does the packet capture show pings when you ping Goggle?



  • All figured out, my rules were backwards, I had my source and destination switched. I have it successfully set up to forward port 80 to my Ubuntu server which is on 192.168.1.22, and I am able to remotely login to my pfsense using https://, all from one dyndns host.

    Thank you for the help.


Log in to reply