pfSense Support Subscription

Author Topic: Inbound Ountbound  (Read 10294 times)

0 Members and 1 Guest are viewing this topic.

Offline fellesnelle

  • Newbie
  • *
  • Posts: 24
  • Karma: +0/-0
    • View Profile
Inbound Ountbound
« on: May 14, 2008, 02:28:38 am »
Hi,
How do I setup my pfsense that will allow me to acces my WAN adres from the inside of my network.
Example:
LAN: 192.168.0.1
WAN: 80.81.82.83
From LAN I like to ping, browse and IMAP to WAN.

Can someone help me?

Offline Perry

  • Hero Member
  • *****
  • Posts: 1152
  • Karma: +0/-0
    • View Profile
Re: Inbound Ountbound
« Reply #1 on: May 14, 2008, 02:59:26 am »
With the default lan rule you should be able to ping your wan address.
Post a diagram of your setup as it always helps ppl seeing what you want to do. 
/Perry
doc.pfsense.org

Offline Cry Havok

  • Global Moderator
  • Hero Member
  • *****
  • Posts: 2793
  • Karma: +1/-0
  • Backup: n. What you should have done yesterday.
    • View Profile
Re: Inbound Ountbound
« Reply #2 on: May 14, 2008, 04:57:46 am »
ISTR that what you're looking for is called "NAT Reflection":

http://forum.pfsense.org/index.php/topic,7817.0.html
If you're planning on PMing me to ask me to look at a thread, or for individual support, don't.

Offline fellesnelle

  • Newbie
  • *
  • Posts: 24
  • Karma: +0/-0
    • View Profile
Re: Inbound Ountbound
« Reply #3 on: May 15, 2008, 05:57:42 am »
I've tried to disable ""Disable NAT Reflection" and this is my result.

When I browse to my WAN URL (by example) http://80.81.82.83 then I get the login screen of my ADSL-router. When I try to connect my OWA https://80.81.82.83/exchange then I get an error by the proxy I think.

"Connection to 80.81.82.83 faild"
The system returnd:
(61) Connection refused

Any idea what I should do?

Offline GruensFroeschli

  • Green Frog
  • Global Moderator
  • Hero Member
  • *****
  • Posts: 5066
  • Karma: +5/-0
  • No i will not fix your computer!
    • View Profile
    • FFXI related
Re: Inbound Ountbound
« Reply #4 on: May 15, 2008, 06:09:35 am »
umm...
You're using double NAT, are you?
something like this:

           (public IP))           (private IP)                 (private IP)
internet --------- Modem-------------- pfSense --------------clients

You have to put your modem into bridging mode.
So you have a public IP on the WAN of your pfSense.

The other solution is you set up split DNS.
Go to the DNS forwarder config and add the adress you have on the WAN and set the IP to which you want to be redirected.
We do what we must, because we can.
(Except when you PM me to help you directly - DONT: keep your issues in the forum)

Offline fellesnelle

  • Newbie
  • *
  • Posts: 24
  • Karma: +0/-0
    • View Profile
Re: Inbound Ountbound
« Reply #5 on: May 15, 2008, 06:27:00 am »
Hi

"the other solution" with a split DNS won't work.
I recveive the same error.
Later this day I will try to put my modem into bridging mode, when everyone is out of office, otherwise my phone wan't stop to riiiiiing  ;D


Offline GruensFroeschli

  • Green Frog
  • Global Moderator
  • Hero Member
  • *****
  • Posts: 5066
  • Karma: +5/-0
  • No i will not fix your computer!
    • View Profile
    • FFXI related
Re: Inbound Ountbound
« Reply #6 on: May 15, 2008, 06:37:42 am »
Quote
"the other solution" with a split DNS won't work.
I recveive the same error.

What do you mean it wont work?
Did you try?
Can you show a screenshot of what you entered?
I have this exact same setup here at my home (my modem doesnt provide bridging functionality)
We do what we must, because we can.
(Except when you PM me to help you directly - DONT: keep your issues in the forum)

Offline fellesnelle

  • Newbie
  • *
  • Posts: 24
  • Karma: +0/-0
    • View Profile
Re: Inbound Ountbound
« Reply #7 on: May 15, 2008, 07:06:50 am »
Yes, I've tried.

Here is a prtscr:
« Last Edit: May 15, 2008, 07:09:07 am by fellesnelle »

Offline GruensFroeschli

  • Green Frog
  • Global Moderator
  • Hero Member
  • *****
  • Posts: 5066
  • Karma: +5/-0
  • No i will not fix your computer!
    • View Profile
    • FFXI related
Re: Inbound Ountbound
« Reply #8 on: May 15, 2008, 07:24:40 am »
Your entry is wrong.

Look at the screenshots i attached.

Also make sure your clients use pfSense as primary DNS
We do what we must, because we can.
(Except when you PM me to help you directly - DONT: keep your issues in the forum)

Offline fellesnelle

  • Newbie
  • *
  • Posts: 24
  • Karma: +0/-0
    • View Profile
Re: Inbound Ountbound
« Reply #9 on: May 15, 2008, 08:31:11 am »
Sorry, I still don't get it working.

I've setup the things like you posted (naturraly with mine issues)

But I've a question about it. I don't have ore use a subdomain to access my OWA.
Normaly I can put the WAN address of my modem in the Domain tab of the General Setup. , isn't.
Then I put in de Domain colom of the DNS Forwarder that WAN address. Will this then work or what shud I prepare.
I still hope to find a solution.

If you still can help me out with this. ???

Offline GruensFroeschli

  • Green Frog
  • Global Moderator
  • Hero Member
  • *****
  • Posts: 5066
  • Karma: +5/-0
  • No i will not fix your computer!
    • View Profile
    • FFXI related
Re: Inbound Ountbound
« Reply #10 on: May 15, 2008, 09:11:59 am »
Normaly I can put the WAN address of my modem in the Domain tab of the General Setup. , isn't.
No.
What you set here is the domain name you actually have on the WAN.
If you dont have a name just set it to something like "local" or "myLAN".
This name will be assigned as the domain to the clients that get their DHCP lease from pfSense.
Dont put numbers/IP's here.

Quote
Then I put in de Domain colom of the DNS Forwarder that WAN address. Will this then work or what shud I prepare.

Yes you put what you entered under domain in the general section here.
The IP field is the IP of your server.
The Host field can be left empty.

In my example: i have the domain "psymia.mine.nu".
If i enter "psymia.mine.nu" in firefox i access my server on 10.0.0.10.

I added a second entry with as host www:
If i enter "www.psymia.mine.nu" in firefox i access my server on 10.0.0.10.
We do what we must, because we can.
(Except when you PM me to help you directly - DONT: keep your issues in the forum)

Offline fellesnelle

  • Newbie
  • *
  • Posts: 24
  • Karma: +0/-0
    • View Profile
Re: Inbound Ountbound
« Reply #11 on: May 15, 2008, 09:38:12 am »
Ok, know I understand a bit how its working and know its almost working.

When I fild in IE https://myserver.local/exchange then I receive my login of OWA.
So if I create a subdomein on my hosted domainame then I can use that inside our outside my network.
Inside it will then rerouted to my server.

What I know try to do is connect a IMAP profile to my smartphone that I can sync Inside (LAN) and Outside (Internet) my network.

Ik think that this will be the solution. Thanks for your patience  ;)


Offline Nostradamus

  • Newbie
  • *
  • Posts: 18
  • Karma: +0/-0
    • View Profile
Re: Inbound Ountbound
« Reply #12 on: May 26, 2008, 12:17:58 am »
Your entry is wrong.

Look at the screenshots i attached.

Also make sure your clients use pfSense as primary DNS

@GruensFroeschli

Thank you soooooo much. I have been trying to figured out why i didn't see my own web server ;)
1.2-RELEASE
built on Fri Mar 7 18:49:15 EST 2008
Intel Celeron 1100 Mhz
512MB PC-100
Segate 20GB HD
eth0: Intel 82801BA/BAM/CA/CAM 10/100 (WAN)
eth1: 3Com 3c905C-TX/TX-M 10/100 (LAN)