Https svn access via dyn from LAN

Selur · May 14, 2013, 10:16 PM

All my devices are configured to access my svn server using my dyndns name and I want to access my local server with theses machines without having to reconfigure them.

So after installing pfsense 2.0.3-RELEASE, I did the following:
1. I configured my web interface to use another port then the default 443 (since I want to forward 443 to my svn server)
2. I added a NAT rule to forward https request via WAN to my server (191.168.1.3)

If Proto Src. addr Src. ports Dest. addr Dest. ports NAT IP NAT Ports
WAN TCP * * WAN address 443 (HTTPS) 192.168.1.3 443 (HTTPS)

which works fine (a new firewall rule was added: TCP * * 192.168.1.3 443 (HTTPS) * none ).
3. I added an additional NAT rule to forward all https requests from LAN which target the routers WAN address to my server (191.168.1.3)

LAN TCP * * WAN address 443 (HTTPS) 192.168.1.3 443 (HTTPS)

this time I didn't add an additional firewall rule. (since I assume 'Default allow LAN to any rule' covers this)
sadly this didn't work.
4. I added an additional NAT rule to forward all https requests from LAN which target the routers LAN address to my server (191.168.1.3)

LAN TCP * * LAN address 443 (HTTPS) 192.168.1.3 443 (HTTPS)

again I didn't add an additional firewall rule. (since I assume 'Default allow LAN to any rule' covers this)
sadly this too didn't work.

-> since I'm fairly new in the use of pfsense, I wanted to as is someone could tell me what I did wrong and how to fix it.

Greetings

Selur

Selur · May 15, 2013, 11:53 AM

disabling "Disable NAT Reflection for port forwards" fixed the issue
Is there any downside to this?