Https svn access via dyn from LAN



  • All my devices are configured to access my svn server using my dyndns name and I want to access my local server with theses machines without having to reconfigure them.

    So after installing pfsense 2.0.3-RELEASE, I did the following:
    1. I configured my web interface to use another port then the default 443 (since I want to forward 443 to my svn server)
    2. I added a NAT rule to forward https request via WAN to my server (191.168.1.3)

    If     Proto Src. addr Src. ports     Dest. addr     Dest. ports NAT IP         NAT Ports
    WAN TCP *         *             WAN address 443 (HTTPS) 192.168.1.3 443 (HTTPS)

    which works fine  (a new firewall rule was added: TCP * * 192.168.1.3 443 (HTTPS) * none ).
    3. I added an additional NAT rule to forward all https requests from LAN which target the routers WAN address to my server (191.168.1.3)

    LAN TCP * * WAN address 443 (HTTPS) 192.168.1.3 443 (HTTPS)

    this time I didn't add an additional firewall rule. (since I assume 'Default allow LAN to any rule' covers this)
    sadly this didn't work.
    4. I added an additional NAT rule to forward all https  requests from LAN which target the routers LAN address to my server (191.168.1.3)

    LAN TCP * * LAN address 443 (HTTPS) 192.168.1.3 443 (HTTPS)

    again I didn't add an additional firewall rule. (since I assume 'Default allow LAN to any rule' covers this)
    sadly this too didn't work.

    -> since I'm fairly new in the use of pfsense, I wanted to as is someone could tell me what I did wrong and how to fix it.

    Greetings

    Selur



  • disabling "Disable NAT Reflection for port forwards" fixed the issue
    Is there any downside to this?


Log in to reply