Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Can't access http/https internally, but can externally.
« previous
next »
Print
Pages: [
1
]
Author
Topic: Can't access http/https internally, but can externally. (Read 1215 times)
sierra117
Newbie
Posts: 7
Karma: 0
Can't access http/https internally, but can externally.
«
on:
August 13, 2023, 05:27:07 am »
I'm having an issue where I cannot get any of my url's to resolve internally. For instance, on my internal network, I cannot access 'auth."mydomain".com. However, on my phone, I can access auth."mydomain".com when it is connected to cell. If it is on wifi, I cannot. The connection will time out after about 20 seconds, which is leading me to think this is a firewall issue.
I've combed through my port forwards and my firewall rules endlessly. I have looked through unbound as well, and I cannot find where the issue lies. I don't see anything popping up in the firewall log. Can anybody help me troubleshoot this?
Logged
bartjsmit
Hero Member
Posts: 2018
Karma: 194
Re: Can't access http/https internally, but can externally.
«
Reply #1 on:
August 13, 2023, 08:38:03 am »
Set up split DNS to avoid your internal traffic hairpinning out via the WAN interface:
https://homenetworkguy.com/how-to/configure-split-dns-opnsense-using-unbound/
That way, internal clients don't rely on external name resolution and the traffic stays inside your network. This is both more secure and more robust, since it will work if your internet is disconnected.
Bart...
Logged
sierra117
Newbie
Posts: 7
Karma: 0
Re: Can't access http/https internally, but can externally.
«
Reply #2 on:
August 13, 2023, 03:09:20 pm »
I already had this set up. I re-enabled the re-direct DNS rules as well. Still no dice.
Logged
sierra117
Newbie
Posts: 7
Karma: 0
Re: Can't access http/https internally, but can externally.
«
Reply #3 on:
August 13, 2023, 04:22:31 pm »
I fixed it. I had to turn NAT reflection on in firewall>setting>advanced
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
23.1 Legacy Series
»
Can't access http/https internally, but can externally.