Use subdomain.mydomain.net from outside/inside network

JohnnyBeGood · Jun 4, 2014, 5:24 AM

Hi all,

I have my domain registered at noip.com and under Services -> Dynamic DNS I have setup linux.mydomain.net and that updates fine when IP changes.
Before switching to pfSense I had same setup on my Asus RT-AC68U wireless router.
On two of computers inside the network I had two ports open for each service:
1. For 192.168.1.101 TCP 8888
2. For 192.168.1.102 TCP 9999
I was able to connect from outside my network ie. http://linux.mydomain.net:8888 and http://linux.mydomain.net:9999
once I would get home and connected to my network I was able to use same hostname to connect.

Now, I can't do that. It does not work. Only way it will work is if type internal IP ie. http://192.168.1.101:8888 or http://192.168.1.101:9999

So something was translating http://linux.mydomain.net:8888 into http://192.168.1.101:8888

Is it possible to get this somehow working again?

TIA

Here are ping results:


Pinging linux.mydomain.net [24.18.xx.xxx] with 32 bytes of data:
Reply from 24.18.xx.xxx: bytes=32 time<1ms TTL=64


Pinging pfsense.mydomain.net [192.168.1.1] with 32 bytes of data:
Reply from 192.168.1.1: bytes=32 time<1ms TTL=64

```![general setup.JPG](/public/_imported_attachments_/1/general setup.JPG)
![general setup.JPG_thumb](/public/_imported_attachments_/1/general setup.JPG_thumb)
![dynamic DNS.JPG](/public/_imported_attachments_/1/dynamic DNS.JPG)
![dynamic DNS.JPG_thumb](/public/_imported_attachments_/1/dynamic DNS.JPG_thumb)

divsys · Jun 4, 2014, 5:06 PM

Try turning on NAT-reflection for those port forwards.

JohnnyBeGood · Jun 6, 2014, 12:35 AM

@divsys:

Try turning on NAT-reflection for those port forwards.

Thanks for taking time to reply!

I went in System-> Advanced-> Firewall and NAT and set NAT Reflection mode for port forwards to "Enable (Pure NAT)"
and deleted/added TCP 8888 in Firewall-> NAT but still no joy :(

Any other suggestions?

divsys · Jun 6, 2014, 3:58 AM

Did you check to see the reflection state in the NAT rule you previously created?

There was a scenario I ran into where I had to reset the reflection state of a pre-existing rule manually before it would grab the system default state.
It may be worth trying the four different states manually just for test purposes.

You might also check the firewall logs to make sure there isn't another rule blocking before it hits the NAT passthru.

JohnnyBeGood · Jun 7, 2014, 5:59 AM

Its working now with "Enable (NAT + Proxy)"
Thank you!
I do now have proxy running what does that option mean?