Cannot access domain from local network
-
Hello everyone.
I've got (what I think is) a really weird issue. So, I've got pfsense running on a machine of mine. Everything is working great except for one thing. I've got a domain that I own, (not sure if I'm allowed to post it or not…) and I've set up port forwarding rules to access the services on it, which works fine.... from the rest of the internet.
Basically, I've got a port 80 webserver that if you go to my domain on any machine in the world except for one in my network, it works. For some reason, if I try to access the domain at all in my local network, it times out. This goes for HTTP traffic, SSH traffic, and everything else as far as I can tell.
Something else I thought was odd was that I can ping my domain and get a response from inside the LAN. I'd think that wouldn't work since nothing else involving the domain does.
If anyone has any idea what might be going on, or if anyone needs more information about my set up, let me know. Thanks
-hbh7
-
Seems like you are using the same domain as your local network. Maybe use something.domain.com for home and domain.com for public site and add a host override for the public address.
-
This sounds like a DNS issue.
https://doc.pfsense.org/index.php/Why_can%27t_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networksMethod 2 is the way to go.
-
Ok 2 responses. Let me see…
Fragged: The pfsense box is called pfsense.mydomain.com if that is what you mean. Neither mydomain.com or any subnets of it will resolve. I did try the host override in the DNS resolver, but it didn't make a difference.
Almabes: Yep that was what I was thinking... I'm actually on that page already and I tried option 1. I'll go try option 2 and report back.
-
Ok Split DNS mentions DNS forwarder, and I'm using DNS Resolver just because its the default now. I'd assume the directions are the same nonetheless, except for one other thing. I have other things besides a webserver pointing to mydomain.com, so I'm not sure how I would handle that.
If that was confusing, here's what I mean.
mydomain.com gets different things depending on port.
80 - 192.168.1.193
22 - 192.168.1.50
25 - 192.168.1.194How would I get it to distinguish? Is it possible?
-
Yeah. That gets problematic when you want split DNS.
I have never recommended using "mydomain.com" for anything. This is one of the many reasons why.
You want to connect to several different hosts using one hostname. Not going to scale.
www.mydomain.com
ssh.mydomain.com
mail.mydomain.com -
Yep, i figured it'd have to come down to that… Too bad. My old lame router had no problem with it... :( Odd pfSense can't handle it the same way with some config'ing
-
it can. Turn on the bastardization that is "NAT Reflection." and enjoy.
-
Well, I don't have a strong enough understanding of everything to know why it's terrible, but it works, which is good enough for now. Thanks for your help. :)
-
It's terrible because it has a tendency to not work correctly, or at all. But, if it's working, and not crapping out on you then great.
-
Oh, well that's a lot more simple than I thought…. Well, for now it seems to work. Ideally I'll change it eventually but as for now that's what I'll use.
