Website from LAN 2 inaccessible from LAN 1 when proxy in use

  • Hi everyone,

    We're running pfSense 2.0.1 at our organization.  We have 2 LAN interfaces for 2 different areas of the organization, and 1 WAN interface for internet access.  LAN 2 has a web server that hosts a publicly accessible website.  A proxy server [not transparent] is configured for LAN 1/loopback interfaces and has a few IP addresses in the proxy blacklist.

    There is also a firewall rule that blocks traffic from one LAN to the other LAN, effectively creating 2 networks that share an internet connection but don't have access to each other.

    Everything works great, except for the fact that anyone on a computer in LAN 1 who's web browser is configured to use the proxy server in pfSense can't connect to the website hosted on the server in LAN 2.  Anyone else on the internet can see the website with no issues.  The website is even accessible from my computer on LAN 1 if I tell my web browser to not use the proxy server [it isn't forced on my computer].  I can see the website with no issues, and as soon as I tell my browser to use the proxy, I can't see the website on LAN 2 again.

    I'm thinking that the best fix that makes sense in my mind is to enable something like the pfSense option "Bypass proxy for these destination IPs", and enter in the destination external IP of the LAN 2 interface.  However, this option is only available when using a transparent proxy.

    Anyone have any ideas?  Does upgrading to 2.1.3 bring any solutions to this?  Thanks!

  • Rebel Alliance Developer Netgate

    You can set a proxy bypass in the client configuration/options on the individual workstations/browsers.

    Otherwise you'll need to make sure that your local DNS resolves the hostname to be the actual local/internal IP address of the web server.

Log in to reply