I cant acces to my public address from lan



  • i have

    router < cisco >                  >>>>>        pfsense                >>>>>>>>  lan
          ip public 41.12.xx.xx                  wan ip 192.168.0.5                      192.168.1.5

    in my cisco router  i creat 1:1 Nat 41.12.xx.xx to 192.168.0.5

    and in pfsense i creat <nat port="" forword="">  to acces in my server in the LAN  41.12.xx.xx:1210  >> 192.168.1.5    and i can connect to him from outside it is ok.

    but i  cant acces  to my server from lan with public address : 41.12.xx.xx:1210 whay !!




    </nat>





  • it is ok 
    but i  cant acces  to my server from lan with public address



  • Then try a different Reflection mode.  Better yet, set up split DNS so that your public sites resolve to LAN IP addresses instead of using hacks like NAT Reflection.



  • i try this but i like access to address to server from inside <lan>an outside <wan>with  same address :  41.12.xx.xx:1210</wan></lan>



  • I'm not sure I understand why it makes any difference.  Either use Split DNS to resolve its FQDN to its LAN IP, or use its LAN IP.  You're making this harder than it has to be.


  • Rebel Alliance Global Moderator

    So your trying to do a double nat reflection?  pfsense has nothing to do with that reflection.. That would be on your cisco, pfsense doesn't hold the public IP in your setup.

    But as others have stated WHY.. just setup your local name resolution to use the local IP for whatever your public fqdn is.. Pfsense can do this for you real simple with over ride.

    There is not one legit reason to do nat reflection..



  • thinks for help  i have solution it is ok thinksssssssss


  • Rebel Alliance Global Moderator

    Ok for what?  What part do you not understand that nat reflection is a hack and to be avoided.. Why don't you just use your local IP or setup name resolution to resolve whatever it is your trying to get on that public to resolve to your local..

    This is much better then sending packets out to your cisco, to be sent back in to pfsense to be sent back into whatever when that whatever is connected to the same switch you are.