Can't browse HTTP server locally
Given information:
Domain: mydomain.org - was used to replace the real domain name.
external ip: 1.1.1.1
internal network: 192.168.1.0/24
pfsense ver: 2.1.4
external custom http port: 4444
internal http port: 80 (default)
http server: apache2

DNAT
Internet > 4444 firewall/nat > 80: Apache - this scenario works, sweet!!!
Internal http test through browser.
LAN > 80: 192.168.1.100 - this simple test failed.
Then the problem begins…
Port Test Results: (using pfsense utility)
Connection to web.mydomain.org 80 port [tcp/http] succeeded!
- there splitDNS is working and pfsense can resolve web.mydomain.org
- To cut this troubleshooting short, I replaced the pfsensebox with a Linksys home router. Configured NAT, DNAT and local http testing was successful. Therefore I can point out that there is something misconfigured (which I may have missed) in my pfsensebox.
Kept digging for a fix. Found these workarounds, but they failed.
https://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks
I did "Method1" and "Method2" but both approaches failed.
pfsense was able to resolve http server through nslookup.
C:\Documents and Settings\admin>nslookup web.mydomain.org
Server: miguel.mydomain.org
Address: 192.168.1.254

Name: web.mydomain.org
Address: 192.168.1.140

but not able to browse the site. I used "Test port" to see if the pfsensebox can probe whether there's a webserver at 192.168.1.140, which is the http server, and it was successful.
Port Test Results:
Connection to web.mydomain.org 80 port [tcp/http] succeeded!
Used chrome to view the home page of the webserver, but it still failed.
Any suggestions on how to make this work on the pfsense box?
additional information:
DNAT logs
xxx.xxx.xxx.xxx - - [21/Jul/2014:16:23:56 +0800] "GET /?p=1 HTTP/1.1" 200 3909 "http://1.1.1.1:4444/?page_id=2" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"
xxx.xxx.xxx.xxx - - [21/Jul/2014:16:24:00 +0800] "GET /?cat=1 HTTP/1.1" 200 2776 "http://1.1.1.1:4444/?p=1" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"
xxx.xxx.xxx.xxx - - [21/Jul/2014:16:24:17 +0800] "GET /?cat=1 HTTP/1.1" 200 2777 "http://http://1.1.1.1:4444/?cat=1" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"
xxx.xxx.xxx.xxx - - [21/Jul/2014:16:24:20 +0800] "GET /?m=201407 HTTP/1.1" 200 2751 "http://http://1.1.1.1:4444/?cat=1" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36"
and can't find any http traffic within the 192.168.1.0/24.
Internet <==========>{PfSense:4444 | Pfsense:80} <=======> Apache2 (OK!)
{LAN / Pfsense:80} <=======> Apache2 (NOT OK!)
^
||
||
||
||
||
||
Workstation/PC
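
An added example, not part of the original post: the post reports that no HTTP traffic from 192.168.1.0/24 appears in the Apache log, and this sketch classifies combined-format access-log lines by client origin so that observation can be checked after each browse attempt. The sample lines and the names `classify` and `summarize` are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter
from urllib.parse import urlsplit

LAN = ipaddress.ip_network("192.168.1.0/24")  # internal network given in the post

# Apache "combined" format: client ident user [time] "request" status bytes "referer" "agent"
COMBINED = re.compile(
    r'^(?P<client>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Constructed sample lines (not taken from the poster's server).
SAMPLE = [
    '203.0.113.7 - - [21/Jul/2014:16:23:56 +0800] "GET /?p=1 HTTP/1.1" 200 3909 '
    '"http://1.1.1.1:4444/?page_id=2" "Mozilla/5.0"',
    '192.168.1.23 - - [21/Jul/2014:16:30:02 +0800] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    'xxx.xxx.xxx.xxx - - [21/Jul/2014:16:24:00 +0800] "GET /?cat=1 HTTP/1.1" 200 2776 '
    '"http://1.1.1.1:4444/?p=1" "Mozilla/5.0"',
    'not a log line',
]

def classify(line):
    """Return (origin, referer_host) for one log line, or None if it does not parse."""
    m = COMBINED.match(line.strip())
    if not m:
        return None
    try:
        origin = "lan" if ipaddress.ip_address(m["client"]) in LAN else "external"
    except ValueError:
        origin = "masked"  # redacted client such as xxx.xxx.xxx.xxx
    ref = m["referer"]
    # The referer host shows which address the browser used (WAN IP:4444 or an internal name).
    host = urlsplit(ref).netloc if ref not in ("", "-") else ""
    return origin, host

def summarize(lines):
    """Count log lines per origin: lan, external, masked, unparsed."""
    counts = Counter()
    for line in lines:
        result = classify(line)
        counts[result[0] if result else "unparsed"] += 1
    return dict(counts)

if __name__ == "__main__":
    print(summarize(SAMPLE))
```

A "lan" count that stays at zero after a browse attempt from a workstation means the request never reached Apache, which points the investigation at name resolution, routing or firewall rules rather than at the web server.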