Cannot access local webserver from firewall via public IP-adress

[p.dungel]

Yesterday i tried to backup the config to my local nextcoud instance, while doing so I noticed, that the firewall cannot access my webserver via the public ip address

The firewall has the IP 192.168.0.1, the webserver 192.168.0.200 all other clients on the LAN are in the range 192.168.0.100 to 192.168.0.150

I can access my webserver from the web and all clients in the LAN except from the firewall either via the public IP or the domain name e.g. https://example.com. All requests are forwarded to the webserver by portfowarding (Firewall -> NAT -> Portforward)


The Forward rules are:
Source
Interface WAN
Proto TCP
Address *
Port *

Destination
Address WAN Address
Ports 80 resp 443

NAT
IP Webserver IP
Ports 80 resp 443

From the firewall (OpnSense) I can connect to the weserver via its internal IP (192.168.0.200) but not via public IP


This is a simple schematic of the networt - generally pretty simple

     WAN / Internet
            :
            : /Cable-Provider
            :
            |
        WAN | IP or Protocol
            |
      .-----+------.   
      |  OPNsense  |
      '-----+------'   192.168.0.1
            |
        LAN | 192.168.0.1/24
            |
      .-----+------.
      | LAN-Switch |
      '-----+------'
            |
    ...-----+------... (Clients/Servers)

[Kinerg]

You need to set up NAT reflection :

https://docs.opnsense.org/manual/how-tos/nat_reflection.html