Netgate Discussion Forum

    How to access a subdomain within the LAN

      mukethamike

      Hey Team,

      Am having an issue accessing my subdomains within the LAN setting. My external clients have easy access to the internal resources.

      Am using pfsense as DNS server and a Nginx server as a proxy server.

      Is Split DNS Configuration the way to go?

      Thanks in advance

      Michael

        johnpoz LAYER 8 Global Moderator

        Can you give some actual details..

        Are you using pfsense as your dns? So you have host.sub.domain.tld and pfsense is pfsense.domain.tld?

        But normally yes, split dns is a much better option than any sort of nat reflection.

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

          mukethamike

          Thanks Mr. Johnpoz

          Yes, am using pfSense as my DNS. Am quite new to pfSense. This was a task channeled to me which I accepted.

          For actual details, have like 6 subdomains and forwarded port 80 to my domain IP given by my ISP to the Nginx server in the local LAN.

          This is all the info I have for now, and after lots of research I saw that split DNS will do, thus am requesting a step-by-step summary on how to set up split DNS through pfSense.

          Thanks

            chris4916

            @mukethamike:

            "Am using pfsense as DNS server"

            Running what? DNS forwarder, resolver, BIND?

            "and a Nginx server as a proxy server."

            Do you mean "reverse proxy"?

            "Is Split DNS Configuration the way to go?"

            Definitely yes, if you use pfSense as DNS server for external clients.
            However, assuming your registrar provides you with an interface to manage your domain, I would suggest handling the "external side" of your domain there instead of using pfSense, even if it means some administration overhead.

            Jah Olela Wembo: Words turn into ills when they upset, attack or hurt.

              mukethamike

              ;D ;D

              Thanks Chris.

              This is helpful. Am using pfSense as a resolver and Nginx as a reverse proxy as you put it.

              So split DNS it is.. am writing a report on this. If I get a quick summary on how to do this, I will highly appreciate it.

              Regards.

                chris4916

                As far as I understand, neither DNS Resolver nor Forwarder has been designed to act as external (public) DNS.
                Therefore, if you really want to use pfSense as your public DNS too, you should perhaps think about Bind instead.

                The idea behind split DNS is to expose different content, from a DNS standpoint, to internal and external users so that:

                • all your intranet is not exposed to the internet (in terms of name/IP resolution)
                • DNS answers with public IP to requests from the internet.

                  johnpoz LAYER 8 Global Moderator

                  "am writing a report on this"

                  So you're wanting help with your school work?

                  "For actual details have like 6 sub domains and forwarded port 80 to my domain IP given by my ISP to the Nginx server in the local LAN."

                  This really has NOTHING to do with pfsense, as chris states the name servers in pfsense are not really meant to be authoritative.. You can set up overrides to resolve whatever you want to whatever you want. But neither dnsmasq nor unbound are authoritative name servers. You could install the bind package, etc.

                  But resolving of anything for the public is best done on the PUBLIC with say your isp dns, a dns service.  Using pfsense as dns for outside public would be BAD even if using bind on it.  Hosting your own dns is not something you should take lightly.. And if you have to ask, you clearly are not ready to do it ;)

                  Point whatever fqdn you want to pfsense public IP at your public dns.  Then you can create overrides in pfsense dns so clients locally would resolve those sites to the local address vs the public one.. I have a funny feeling you don't really even understand what the term split dns means..  And we are helping you with some school assignment as well…

                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
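
The split DNS arrangement discussed in the thread (public names answered with the public IP by a public DNS service, LAN clients answered with the local address through resolver overrides) can be checked with a small audit. This is an added example, not part of the thread or any poster's code; the example.com names, the addresses and the function names are constructed for illustration.

```python
import ipaddress

# RFC 1918 ranges, checked explicitly because ipaddress.is_private also
# flags documentation ranges such as 203.0.113.0/24 used in the sample data.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def audit_split_dns(public_view, internal_view):
    """Return a sorted list of (name, finding) for the two views.

    public_view:   name -> address served by the public DNS service
    internal_view: name -> address served by the LAN resolver (host overrides)
    """
    findings = []
    for name, addr in public_view.items():
        if is_rfc1918(addr):
            findings.append((name, "public DNS leaks private address " + addr))
        override = internal_view.get(name)
        if override is None:
            findings.append((name, "no LAN override: LAN clients get the public IP"))
        elif not is_rfc1918(override):
            findings.append((name, "LAN override is not a local address: " + override))
    return sorted(findings)

# Constructed sample data (hypothetical names and addresses).
PUBLIC = {
    "www.example.com": "203.0.113.10",
    "mail.example.com": "203.0.113.10",
    "wiki.example.com": "192.168.1.20",   # mistake: internal IP published
}
INTERNAL = {
    "www.example.com": "192.168.1.20",    # Nginx reverse proxy on the LAN
    "wiki.example.com": "192.168.1.20",
    "nas.example.com": "192.168.1.30",    # internal-only, absent from public DNS
}

if __name__ == "__main__":
    for name, finding in audit_split_dns(PUBLIC, INTERNAL):
        print(f"{name}: {finding}")
```

Names that exist only in the internal view, such as the constructed nas.example.com, produce no finding: keeping them out of public DNS is the intended result.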