
Topic: NAT: 1 WAN:PORT to 1 LAN:Different LAN IPs:PORT (common Port/service)


DemoNIck

I am running the latest pfSense with 1 WAN interface and 1 LAN interface serving a local LAN subnet.

I have several domains (A records to external DNS) that resolve to my static WAN IP.

Allow me to lay out with an example what the situation is and what I would like to achieve:
domain 1: -> (A record)
domain 2: -> (A record)
domain 3: -> (A+MX record)
domain 4: -> (A record)

I am running a web server on my local IP With the use of web server's virtual hosts, I can access the different pages of domain1 and domain2 from outside using NAT/Port Forwarding from{80,443}->{80,443}

I am running a mail server (domain3) on my local IP With NAT/Port forwarding I can send/receive emails. i.e.:{25,587,993}->{25,587,993} etc
I am also running a web server for a web mail client access, for domain3, on the same local IP listening on the default ports {80,443}.

Now, when I access and/or, on the default ports {80,443}, I am forwarded to and serve the appropriate content for each domain.

Is there a way, when I access, on the default ports {80,443}, to be forwarded to IP ?

Please forgive me if this is not a NAT topic, or maybe not even a pfSense topic. If this is the case, I would appreciate it if you could point me in the right direction.

Just to mention, I know that:
a. I could run the web client on the existing web server on and yes, problem solved.
b. I could access the web client for my mail server from a different port. i.e. with NAT/Port forwarding WAN:5580 ->

Thank you in advance for your time.
« Last Edit: December 22, 2017, 04:24:28 am by DemoNIck »
Hide, they will recognise you soon...

chpalmer

Re: NAT: 1 WAN:PORT to 1 LAN:Different LAN IPs:PORT (common Port/service)
« Reply #1 on: December 22, 2017, 10:43:16 am »

In your case I'd either..

Get a second static IP address and use 1:1 NAT on each static to each LAN address..

Set up port forwarding in favor of 1:1 NAT and use another port for your mail service..    domain 4: -> (A record) as an example..

Move the mail server service to the webserver which is what I've done in a couple of cases.

If you're running multiple pages on your webserver I assume you're running something like Apache with virtual hosts enabled..

P.S. statements made by me are not necessarily condoned by the management of this fine organization.
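
Added example, not part of either post: a port-forward rule can only match on destination address, protocol and port, so two forwards for {80,443} on the same WAN IP collide no matter which domain the client asked for. The checker below shows that collision and how the alternate port (5580) and second static IP options from the thread remove it. The addresses are constructed placeholders, and `Rule`, `expand` and `conflicts` are hypothetical names, not pfSense code.

```python
from collections import namedtuple

# A port forward matches only on what is in the packet header: destination
# address, protocol and destination port. The hostname never reaches NAT.
Rule = namedtuple("Rule", "name wan_ip proto ports target")

def expand(ports):
    """Turn a port spec such as '80,443' or '5000-5002' into a set of ints."""
    out = set()
    for part in str(ports).split(","):
        lo, _, hi = part.strip().partition("-")
        out.update(range(int(lo), int(hi or lo) + 1))
    return out

def conflicts(rules):
    """Return (earlier, later, shared_ports) for rules that claim the same
    WAN ip/proto/port but point at different LAN hosts. Only one of the two
    can take effect for those ports."""
    seen, found = {}, []
    for r in rules:
        clash = {}
        for p in sorted(expand(r.ports)):
            first = seen.setdefault((r.wan_ip, r.proto, p), r)
            if first.target != r.target:
                clash.setdefault(first.name, []).append(p)
        found += [(a, r.name, ports) for a, ports in clash.items()]
    return found

# Constructed addresses (documentation ranges), not values from the thread.
WAN, WAN2 = "203.0.113.10", "203.0.113.11"
WEB, MAIL = "192.168.1.10", "192.168.1.20"

# What the question asks for: webmail on the same WAN IP and ports.
asked = [Rule("web", WAN, "tcp", "80,443", WEB),
         Rule("mail", WAN, "tcp", "25,587,993", MAIL),
         Rule("webmail", WAN, "tcp", "80,443", MAIL)]
# Option from the thread: a different WAN port (5580) for webmail.
alt_port = asked[:2] + [Rule("webmail", WAN, "tcp", "5580", MAIL)]
# Option from the reply: a second static IP, modelled here as a forward
# on that second address.
second_ip = asked[:2] + [Rule("webmail", WAN2, "tcp", "80,443", MAIL)]

if __name__ == "__main__":
    for label, rs in (("asked", asked), ("alt port", alt_port),
                      ("second IP", second_ip)):
        print(label, conflicts(rs))
```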