Netgate Discussion Forum

    I am sure this is something simple I am missing…

      sg1

      I have port forwarding set up for an internal network DVR to allow connections from the outside. Internally, I am using 1918 space and have set up split DNS so that I can have the same address resolve internally and externally (just from different places). I have tested the DNS resolution aspect so that from the outside, it resolves to my firewall (pfSense) and if I am internal, it resolves to the IP address of the server itself.

      I set up port forwarding on pfSense to NAT incoming connections to the internal address of the server port 8082 and I get the certificate agreement etc. and I can see in the logs that it is indeed doing the translation. It responds though with the internal address of the server after the initial exchange and I cannot tell specifically why. My assumption would be that the inbound connection is resolved to my pfSense, it sees this traffic bound for port 8082 and translates that to the internal server address :8082 (which it does) and outbound, I would assume it would NAT that traffic to the WAN interface address (per the outbound NAT rules) and continue on. Obviously, since it is responding to the client on the outside (external to pfSense) with an internal address, it falls down.

      I am certain I am doing something silly, and have read through all the troubleshooting guides, and it may be something on the stupid Windows server that I have misconfigured, but for the life of me I have run out of places to check. Thanks for any assistance.

        podilarius

        Is the server responding with the internal address? If so, this is a redirect in the server that is causing an issue. Websites should be set up with a DNS name for redirects or better, with logical redirects. You will need to determine where the response is originating from … the server, or pfSense.
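
One way to run the check suggested in the reply above, as an added example that is not part of the original thread: parse the response headers captured from the forwarded service and flag any redirect target that is a literal RFC 1918 address, which NAT cannot rewrite because it sits in the application payload. The sample response, the server banner, the addresses and the function names are all constructed for illustration.

```python
import ipaddress
from urllib.parse import urlsplit

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: response head as seen by an outside client after the
# port forward. Banner and address are made up for this example.
SAMPLE_RESPONSE = (
    "HTTP/1.1 302 Found\r\n"
    "Server: ExampleDVR\r\n"
    "Location: https://192.168.1.50:8082/login\r\n"
    "Content-Length: 0\r\n"
    "\r\n"
)

def parse_headers(raw):
    """Return (status_code, [(lowercased name, value), ...]) from a raw response head."""
    lines = raw.split("\r\n\r\n", 1)[0].split("\r\n")
    status = int(lines[0].split()[1])
    headers = []
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers.append((name.strip().lower(), value.strip()))
    return status, headers

def private_host(url):
    """Return the URL's host if it is a literal RFC 1918 address, else None."""
    host = urlsplit(url).hostname   # None for relative redirects such as /login
    if host is None:
        return None
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return None                 # a DNS name; split DNS resolves it per side
    return host if any(addr in net for net in RFC1918) else None

def find_internal_redirects(raw):
    """List (header, host) pairs where the server itself hands out an internal address."""
    _status, headers = parse_headers(raw)
    findings = []
    for name, value in headers:
        if name in ("location", "content-location"):
            host = private_host(value)
            if host:
                findings.append((name, host))
    return findings

if __name__ == "__main__":
    print(find_internal_redirects(SAMPLE_RESPONSE))
```

A non-empty result means the address originates in the server's own response rather than in the firewall's translation; redirects that use a DNS name or a relative path produce no finding.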

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.