Topic: Access my server through public domain and NAT - at home (Read 611 times)
zeropage, on: April 09, 2024, 07:53:50 pm
In my home setup, I have an OPNsense as well as a server and other devices that are publicly accessible via NAT port forwarding. I also have a domain (e.g. example.com). DDNS takes care of updating the DNS records. Everything has been working perfectly for a long time. However, if I now want to access the server at home via the public domain, this does not work. After some time I get a timeout from the client/browser. Why not?
Actually, a request should be routed out to the ISP and from there back to my DSL connection.
I would like to mention at this point that I use Unbound for my private zone (e.g. example.home.arpa). Maybe I can solve the problem there somehow, but I don't know how.
Thanks in advance.
Monviech (Cedrik), Reply #1 on: April 09, 2024, 08:04:12 pm
There are 3 possible solutions:
- (Easy) Create Host Overrides in Unbound, setting the internal IP address of your server to the external hostname
- (Medium) Use a Reverse Proxy (like os-caddy) on the OPNsense, it handles this issue too (for webservers only).
https://docs.opnsense.org/manual/how-tos/caddy.html
- (Hard) Set up NAT Reflection. There is a tutorial in the OPNsense docs:
https://docs.opnsense.org/manual/how-tos/nat_reflection.html
zeropage, Reply #2 on: April 11, 2024, 01:10:37 pm
I have chosen the easy way.
What was still missing for me was the redirect part:
Code:
local-zone: "example.com." redirect
local-data: "example.com. IN A 192.168.20.65"
Let me ask you another question:
Up to now, I have addressed my services on the Internet via the following URLs. Using port forwarding on the OPNsense, I have routed the requests to the responsible host in the network.
Web Server:
https://example.com
Reverse Proxy NAS:
https://example.com:5001
FTP Server:
ftp://example.com
In the LAN, the Unbound DNS is now responsible and delivers the IP to the host. Now I would like to ensure that clients on the LAN can use the same URL as when they access from the Internet. Should the URLs then look like this? Is this usual?
https://www.example.com
https://nas.example.com:5001
ftp://ftp.example.com
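
The catch-all override posted in Reply #2 next to per-host overrides, as an added example that is not part of the thread. The addresses 192.168.20.66 and 192.168.20.67 are constructed placeholders, and the assumption that the NAS and FTP services run on separate hosts is only for illustration.

```conf
# Added example (unbound.conf syntax), not from the thread.
# Use variant A or variant B, not both: the zone may only be declared once.

# Variant A: catch-all, as posted in Reply #2 (shown commented out).
# "redirect" answers example.com and every name below it from the data
# at the zone name, so www, nas and ftp all resolve to 192.168.20.65.
# No local-data may be placed beneath the zone name with this type.
#
# server:
#   local-zone: "example.com." redirect
#   local-data: "example.com. IN A 192.168.20.65"

# Variant B: per-host overrides.
# "transparent" answers only the names listed here from local data.
# A listed name queried for a type that has no local data (for example
# AAAA) gets an empty answer instead of the public record, and names
# that are not listed are resolved normally through public DNS.
server:
  local-zone: "example.com." transparent
  local-data: "example.com.     IN A 192.168.20.65"
  local-data: "www.example.com. IN A 192.168.20.65"
  local-data: "nas.example.com. IN A 192.168.20.66"   # constructed address
  local-data: "ftp.example.com. IN A 192.168.20.67"   # constructed address
```

DNS overrides return only an address, so a LAN client opening https://nas.example.com:5001 connects directly to the internal host on port 5001, bypassing the port forward and any port translation it performs. The internal service therefore has to listen on the same port that is used from the Internet.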