DNS Forwarder in Multi Lan Scenario



  • Hi All,

    I have a Quad-WAN and Multi LAN setup. I am experiencing an issue with the DNS forwarder. The two LAN subnets are:

    LAN 1  172.16.100.0
    LAN 2   172.16.101.0.

    The HFS webserver is on LAN1 with IP 172.16.100.4.

    I have made a DNS forwarder rule for it and it's working fine only on LAN 1.

    How can I make the same webserver accessible to users on LAN 2?

    Regards.



  • @nabzilla:

    I have made a DNS forwarder rule for it and it's working fine only on LAN 1.

    Did you mean firewall rule rather than DNS forwarder rule? If not, please explain how you made a DNS forwarder rule?

    @nabzilla:

    How can I make the same webserver accessible to users on LAN 2?

    How is it currently inaccessible? The hostname you are using is unknown? The hostname you are using translates to the wrong IP address? It would probably be helpful to know the access test you are using and what is reported: I did … and I saw ...

    Maybe your access attempt is blocked by the firewall. If so, you should see the access attempt in the firewall log which can be displayed at Status -> System Logs and click on the Firewall tab. If LAN 2 is not the pfSense LAN interface then you will need some sort of firewall rule to allow access to the web server. (The pfSense default is that systems on the pfSense LAN interface are allowed to access anything but systems on other pfSense interfaces are blocked from accessing anything.) If you want to allow ANY system on LAN 2 to access the web server a suitable rule on interface LAN 2 could be:
    allow Interface=LAN 2, protocol=any, source=LAN 2 net, source port=, destination=web server IP address, destination port=,
    But you would need to adjust this rule depending on exactly what access you want to allow to the web server system (do you want to allow any pings, ssh, ftp, telnet etc. or restrict access to http only?).
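
Added example, not part of the post above and not pfSense code: a simplified Python model of per-interface, first-match rule evaluation with a default deny, comparing the suggested protocol=any rule on LAN 2 with one narrowed to HTTP. The /24 masks, the client address 172.16.101.50 and LAN 1 being the pfSense LAN interface are assumptions.

```python
# Simplified model of per-interface, first-match filtering (not pfSense code).
from dataclasses import dataclass
from ipaddress import ip_address, ip_network
from typing import Optional

@dataclass(frozen=True)
class Rule:
    action: str                  # "pass" or "block"
    proto: str                   # "tcp", "udp", "icmp" or "any"
    src: str                     # source network, CIDR
    dst: str                     # destination network or host, CIDR
    dport: Optional[int] = None  # None means any destination port

    def matches(self, proto, src, dst, dport):
        return (self.proto in ("any", proto)
                and ip_address(src) in ip_network(self.src)
                and ip_address(dst) in ip_network(self.dst)
                and self.dport in (None, dport))

def evaluate(rules_by_iface, iface, proto, src, dst, dport=None):
    """Verdict for a new connection arriving on interface `iface`."""
    for rule in rules_by_iface.get(iface, []):
        if rule.matches(proto, src, dst, dport):
            return rule.action   # first matching rule wins
    return "block"               # nothing matched: default deny

# Constructed values: the thread gives only network addresses, /24 is assumed.
LAN1, LAN2 = "172.16.100.0/24", "172.16.101.0/24"
WEB_IP = "172.16.100.4"
CLIENT = "172.16.101.50"         # hypothetical LAN 2 client

# Assumed default: only the LAN interface (LAN 1 here) has an allow-all rule.
DEFAULT = {"LAN1": [Rule("pass", "any", LAN1, "0.0.0.0/0")], "LAN2": []}
# Rule as suggested in the post: any protocol from LAN 2 net to the web server.
BROAD = {**DEFAULT, "LAN2": [Rule("pass", "any", LAN2, WEB_IP + "/32")]}
# Narrowed variant: only TCP port 80 reaches the web server.
HTTP_ONLY = {**DEFAULT, "LAN2": [Rule("pass", "tcp", LAN2, WEB_IP + "/32", 80)]}

def verdicts(ruleset):
    """Verdicts for HTTP, SSH and ping from the LAN 2 client to the web server."""
    probes = [("tcp", 80), ("tcp", 22), ("icmp", None)]
    return [evaluate(ruleset, "LAN2", proto, CLIENT, WEB_IP, port)
            for proto, port in probes]

if __name__ == "__main__":
    for name, rs in [("default", DEFAULT), ("broad", BROAD), ("http-only", HTTP_ONLY)]:
        print(f"{name:10s}", verdicts(rs))
```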



  • Thanks a lot. I will try and post the result.



  • I meant DNS forwarder rule. I searched the forums about this and I learned that if I needed to publish a local webserver for LAN users I will have to make a DNS forwarder rule so that the domain name translates to the hostname. For instance, the DNS forwarder rule is:
    Host=www, domain=webserver.com, ip=172.16.100.1
    I have two LAN interfaces, LAN1=172.16.100.0 and LAN2=172.16.101.0.
    Users on LAN1 can access www.webserver.com, but users on the LAN2 subnet cannot, even with the IP.
    As you suggested, I have also made a firewall rule:
    allow Interface=LAN 2, protocol=any, source=LAN 2 net, source port=, destination=web server IP address, destination port=,
    I have even tested with the whole LAN1 subnet instead of just the webserver IP address. Still nothing.
    :'(



  • It is often necessary to reset firewall states after changing firewall rules. See Diagnostics -> States, click on Reset States tab.

    If your access from LAN2 to LAN1 is being blocked by the firewall default rule you normally see this logged in the firewall log at Status -> System Logs, click on Firewall tab.

