Not able to access url from LAN network but can be accessed from outside



  • Hi

    I have LAN, DMZ & WAN network

    My problem is : Through my LAN network, if I try to access website it doesn't get resolved to IP address
    Uisng IP address ( in DMZ network ) I can access

    from outside my office I can access website.

    Can somebody point out what could be a problem ??

    -Pankaj



  • If the name isn't getting resolved, whatever your clients are using for their DNS servers can't resolve it. Not enough info there to tell you much more on where to look or what to fix, but that's the problem.



  • Thanks for reply here is details info

    LAN: 192.168.X.X
    DMZ: 192.168.X.X
    WAN: 74.X.X.X

    I have a website hosted. e.g www.abc.com
    If I ping www.abc.com from my LAN network request goes to 74.X.X.X
    I want it to go to 192.168.X.X

    Problem: Using IP address ( 192.168.X.X ) I can access website. But using URL I can't from LAN
    Outside of company it works fine

    When I changed my host file & address entry ,url works so problem is NDS resolution is not happening
    Now I stuck in how to do that in firewall so that all my LAN compueteres when trying to access site goes to DMZ & not to external

    Thanks
    Pankaj



  • Hi Did anybody get a chance to look at problem

    Thanks
    Pankaj



  • Go to advanced Nat  uncheck "Disable NAT Reflection"…

    You will find NAT Reflection also on your NAT forward page also...



  • Thanks for reply

    I "uncheck" both tab in "Advanced"
    i.e. Disable NAT reflection for port forwards & Disable NAT reflection for 1:1 forwards
    Previously both were checked.

    But still I see problem

    Regards
    Pankaj



  • @pankaj123:

    LAN: 192.168.X.X
    DMZ: 192.168.X.X

    two networks with same subnet could be the problem. also check rules you applied in LAN and DMZ for name resolutions (udp port 53)



  • Yes currently LAN & DMA are same network but here what I thought

    1. I can access site using IP address ( 192.168.X.X ) & not using URL so, accessibility is not a problem
    2. If I put entries in my host file then using URL I am able to access ( 192.168.X.X  www.abc.com )

    Not sure whether udp comes into picture or dns is real problem

    Thanks & Regards
    Pankaj



  • @pankaj123:

    Yes currently LAN & DMA are same network but here what I thought

    Do not use same network on two interfaces unless you configured a bridge between them.

    Change LAN and or DMA network range or subnet mask and test again.



  • @marcelloc:

    @pankaj123:

    Yes currently LAN & DMA are same network but here what I thought

    Do not use same network on two interfaces unless you configured a bridge between them.

    Change LAN and or DMA network range or subnet mask and test again.

    This. You cannot do what you're doing with any device, you're breaking a general rule of networking and will have various problems.



  • am experiencing this same issue.  were you able to resolve?  how?

    My router is 192.168.0.1
    WAN IP of router: 4.5.6.7

    LAN IP of my server: 192.168.0.100
    WAN IP of my server: 1.2.3.4

    Each time I attempt to access my server (from behind the firewall) using it's internet/WAN IP of 1.2.3.4, I used to be able to do so.  Now, any http://1.2.3.4 points me back to 192.168.0.1.

    I have any/all all DISABLE NAT REFLECTION options unchecked.  Seems to be related to 2.0.1 release.  May need to roll back to 2.0 release.



  • Change pfsense webgui port to some port other then service port you want to nat.


Locked