Netgate Store

Author Topic: Accessing internal web server when SSL other than 443  (Read 187 times)

0 Members and 1 Guest are viewing this topic.

Offline wildfrog

  • Newbie
  • *
  • Posts: 14
  • Karma: +0/-0
    • View Profile
Accessing internal web server when SSL other than 443
« on: January 31, 2018, 04:24:15 pm »
I have a server on the LAN that's managed via a web browser. It uses port 8443 for SSL and not 443.
I have a port forward sending incoming 443 traffic to port 8443 of that server.
I have a host override in DNS Resolver sending the FQDN to the internal IP.
From outside the office, all works properly. I can manage the server. SSL works.
From inside the office, going to does not resolve.
However, inside the office, I can go to and that comes up as expected.

I'm sort of at a loss on how to reach the server via SSL the same way whether inside or outside the office.
I have tried using NAT reflection, both as Pure NAT and NAT+proxy, with no success.

Is there anywhere else I should be looking?

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 16019
  • Karma: +1528/-221
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: Accessing internal web server when SSL other than 443
« Reply #1 on: February 01, 2018, 04:20:15 am »
"From inside the office, going to does not resolve."

Yes it does resolve or wouldn't work either..   If your service is listening on 8443 then yes you would have to tell your browser to go to that port, not just resolve the fqdn to your internal IP.. dns has zero to do with ports.

Simple solution - save a bookmark in your browser to the 8443 url ;)  Other solution be to just do a nat reflection, or setup an internal port forward.

Or change this server to listen on 443 ;)  Or setup the server to redirect traffic it sees on 443 to the application on 8443..
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or
1x SG-2440 2.4.3-RELEASE (work)
1x SG-3100 2.4.3-RELEASE (work)
1x SG-4860 2.4.3-RELEASE-p1 (home)