Why isn't it possible to access NATed services by the public IP address from LAN
-
Thanks to http://www.gsihosting.com/ we now have this feature. I would like to thank GSI Hosting for sponsoring the feature. This feature is now in RELENG_1 and will appear on the next version.
-
Good news!
Thanks to all the team and gsihosting.com !
-
Not to drag out an old subject but this message is to alert the userbase that gsihosting skipped out on paying their bill. pfSense does not recommend using these guys for anything.
Pretty bad to screw over an open source project…. If you or anyone you know uses gsi please ask them to let their hosting provider know how bad it is to basically cut off all communication and not pay their bill when we spent a LOT of time on this feature.
-
im not sure why you would access something that is already on your local lan, via its external ip address? (well i guess other than for testing).
1-To test external DNS
2-To test some rules (The rule are not the same via the Lan NIC and the OPT1 NIC)But with proxy, its possible to test it, but you have to search active proxy…
Thanks all for your answer
Has anyone stopped to think of the ramifications of this feature? ALL traffic that would have been to the LAN would be sent THROUGH the firewall. What good is that when you could simply run split dns and keep all traffic LOCAL?
Split DNS is possible if you have multiple IPs. I only have 1 and multiple servers on a VMware Server box. This is my home network and don't have money to spend for multiple IPs. So theres no easy way to seperate traffic to the same hostname on different ports to different machines without this feature. Yes you can go directly to the machine name, but for mail its a pain to switch back and forth when your inside and outside the network. Same with web applications that have hard coded address (Gallery is just one of them).