Webui shows on WAN from internal machine


  • I've set up a webserver and all the rules for to pass through the traffic. However when I surf to my WAN from within my LAN I only get the webgui login page. When I use an external machine everything is alright so I know that the webgui isn't shown to the outside world. But since testing stuff on the webserver gets a little bit more messy if I can't test from within. Is there anything going on with the pfsense config or could it be that my ISP does something?

    Is there anything in the pfsense config that needs to be done?

  • Banned

    Fix your internal DNS to point to internal IPs.


  • @doktornotor:

    Fix your internal DNS to point to internal IPs.

    Thank you for pointing me in a direction. I tried https://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks two solutions and none of them worked.

    I flushed the DNS on the internal machine just to be sure.

  • Banned

    None of them worked is not a useful problem description I'm afraid. Good luck.


  • Most likely you want to just put Host Overrides on the pfSense DNS that faces the internal network.
    Tell us what you actually tried, with screenshots of the settings and what did or did not work.


  • @phil.davis:

    Most likely you want to just put Host Overrides on the pfSense DNS that faces the internal network.
    Tell us what you actually tried, with screenshots of the settings and what did or did not work.

    Hey.

    I followed the instructions on method 1 first. I chose Pure NAT on Nat Reflection mode and crossed the two options just like in this image
    Saved the option, got the message that the changes have been applied successfully. Tried to surf from an internal machine to my dynamic dns adress, still got the pfsense webgui. (surfing from external machine, I get the website.

    Since this was the lazy way of doing this according to the instructions I tried method two I made a DNS forwarder. It's enabled and I made a new host override. Like this

    I named the host foo and the domain noip.me, set the ip 10.101.242.21 (pfsense on LAN side is 10.101.242.1), put a description in an saved, I applied the changes and enabled the three options as per the instructions (Enable DNS forwarder, Register DHCP leases in DNS forwarder and register DHCP static mappings in dns forwarder)

    The only think I can think of is that the server 10.101.242.21 is static and doesn't present itself for the DHCP server 10.101.242.1, no other device on the LAN has static IP.


  • The client needs to be using pfSense for its DNS - first check that. Then from the client, ping to the name and see what IP address it gets.
    nslookup of the name will also tell you what IP address it resolves to and what DNS server it used.


  • @phil.davis:

    The client needs to be using pfSense for its DNS - first check that. Then from the client, ping to the name and see what IP address it gets.
    nslookup of the name will also tell you what IP address it resolves to and what DNS server it used.

    Good news everyone

    Fixing the issue with the DNS server set in the dhcp fixed the problem I've been having. Thank you. I had googles DNS server set up there so every dhcp lease had googles name servers directly instead of pfsense machine which then asks googles dns.

    Problem resolved :)


  • Hey I'm back.

    I have another question. I've only gotten this to work with settings host overrides. Is there any setting I can set so I don't have to add host overrides? A setting that unless I access pfsense gui from the local IP?

  • Banned

    No, there's no magic setting anywhere.