Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Tutorial for setting up NAT

    Scheduled Pinned Locked Moved NAT
    7 Posts 3 Posters 1.2k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      vikozo
      last edited by

      Hello
      is there a Tutorial/Howto for Setting up NAT, if you have a single Public Address to multiple Private IP Addressee Webserver?

      have a nice day
      vinc

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        You can't forward web requests from one public IP to multiple web servers on a single port using only NAT.

        If the web servers all have the SAME content, you can use relayd (Services > Load Balancer) or HAProxy or another reverse proxy

        If the web servers all have DIFFERENT content, you'll need a reverse proxy like HAProxy to direct requests based on the Host header (for HTTP) or SNI (for HTTPS)

        Remember: Upvote with the šŸ‘ button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • johnpozJ
          johnpoz LAYER 8 Global Moderator
          last edited by

          Or all your webservers would need to be on different ports.. or atleast on the public side..

          So you have publicIP, and then privateIP-A, privateIP-B and privateIP-C

          So you could do this

          http://your.domain.tld –> privateIP-A:80
          http://your.domain.tld:8080 --> privateIP-B:80
          http://your.domain.tld:8090 --> privateIP-C:80

          where your.domain.tld resolves to your publicIP.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          1 Reply Last reply Reply Quote 0
          • V
            vikozo
            last edited by

            hmm,
            i was hoping it would be easyer.
            this is my net

            the apache Server would hold a couple of Homepage…

            1 Reply Last reply Reply Quote 0
            • johnpozJ
              johnpoz LAYER 8 Global Moderator
              last edited by

              well if your using host headers you can point multiple urls to the same server..

              so
              sitea.domain.com
              siteb.domain.com
              sitec.domain.com

              And those all point to your publicIP.Ā  Apache looks and sees oh you want sitea.domain.com and hand out whatever site that is, siteb.domain is a different one.Ā  This is how every shared host works..Ā  They have hundreds of fqdn pointing to the same IP.

              Its when you have different IPs on your private side and only 1 public is where there is a problem..

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 24.11 | Lab VMs 2.8, 24.11

              1 Reply Last reply Reply Quote 0
              • V
                vikozo
                last edited by

                so you mean i have to have just a singel Virtuel server for everything.
                i was hoping to splitt it - maybe a vituell server = domain
                –-
                there is another point, i am not sure know.
                in proxmox i could add a vituell server just with bridging.... i will have to read further to understand it

                1 Reply Last reply Reply Quote 0
                • johnpozJ
                  johnpoz LAYER 8 Global Moderator
                  last edited by

                  Sounds like to me you don't really know what you want.

                  I can only answer you questions as asked - can't read your mind.Ā  You could have 100 servers, you could hae 1 server serving up 100 different fully qualified domain names via host headers, you could have 1 server with 100 IP address.

                  Comes down to the same thing you only have 1 public IP.Ā  If you want to use the same name site.domain.com to get there you can only distinguish via ports like shown.Ā  Or if you want to use a reverse proxy to see sitea.domain.com and send to 192.168.1.100, and siteb.domain.com to 192.168.1.101 be it 1 server or 2..

                  What you can not do is have pfsense out of box know that you want to send sitea.domain.com to 100 and siteb.domain.com to .101 since it only sees the public IP your hitting and a PORT..

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 24.11 | Lab VMs 2.8, 24.11

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.