Answer the question
In order to leave comments, you need to log in
How to configure LAN access from LAN over WAN?
I have the following network:
Port Forwarding of all necessary ports from WAN to "Mail server" is set on the router.
The problem is that the client shown in the diagram cannot connect to the server via the WAN address. At the same time, all clients that are in the external network can easily connect to the server.
How to allow a client on a LAN to connect to a server on the same LAN but by WAN address?
The router is Ubiquiti's Edgerouter, so the firewall is fine-tuned.
Answer the question
In order to leave comments, you need to log in
They don't usually do that, it's bullshit. If there is a need to connect to the same resource from the outside and from the inside, this issue is solved by setting up a DNS server, which, when requested from the local network, resolves the desired name to the local IP address.
Harpin nat is used from hopelessness.
I already foresee the following requests for toster
- why the SIP client does not work on the home telephony server
- why I do not see the client's IP on the server
- how to block a hacker if all connections on the server go from 192.168.1.1
Judging by the screenshot you have pfSense, you can understand on it DNS and make static records for home resources. Then make settings in DHCP so that home clients receive this DNS server. It will give static addresses, everything else will be forwarded to an external DNS. Everything works transparently and nothing needs to be configured on the client.
The fact that the scheme in the figure is working is absolutely certain, even without problems with changing IP to DNS.
On some routers, port forwarding can be configured in different ways. I won’t say anything about Ubiquiti (I didn’t have an acquaintance), but try to twist the options in it on the topic - on which IP to catch the forwarding, and not from which network.
If your mail server (web server, etc.) has a certain name mail.host.ru, then clients inside the locale should not see the difference - they just climb on the external white IP and just work. The router should not ban internal requests.
It's just a matter of setting up the router.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question