 From:  Adam Gibson <agibson at ptm dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] accessing own web server
 Date:  Fri, 11 Mar 2005 14:35:58 -0500
Does anyone know if this is a limitation of ipfilter on BSD or just the way 
m0n0wall sets up the filter rules?  I know that iptables on Linux can 
work so that the outside firewall IP will be NATed from outside 
connections and connections from the LAN segment using DNAT because that 
is how I had some firewalls set up before.  It would obviously be nice 
not needing to set DNS overrides for services placed on a service network.

Vincent Fleuranceau wrote:

> 
>> My server (192.168.3.10) is wired to the LAN input (192.168.3.3) of 
>> m0n0wall.  When I try to access my web page (http://www.azadian.ch/) 
>> from my server, I land on the m0n0wall GUI.  After putting the 
>> appropriate entries in DNS forwarder, there's no problem from the 
>> other machines on my LAN.  How can I fix the problem of access from my 
>> server to my server?
>>
> 
> You can't reach a NATed service from a NATed host. This is a known (and 
> DOCUMENTED!) issue.
> 
> You can only reach it via its NATed IP, i.e. 192.168.3.10 (and 127.0.0.1 
> from the server itself, of course).
> 
> Go to the DNS forwarder page and add an entry for your server in order 
> to override the results from the DNS forwarders.
> 
> Use the following:
> 
>   Host = www
>   Domain = azadian.ch
>   IP = 192.168.3.10
> 
> 
> -- Vincent
> 
> 
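
The three situations discussed in this thread (no NAT for LAN-side connections, DNAT applied to LAN connections, and the DNS forwarder override), as a simplified packet model. This is an added example, not part of the original messages and not m0n0wall or iptables code; `WAN_IP`, the client address `192.168.3.20`, and the `reflect`/`snat` switches are assumptions made for illustration.

```python
from collections import namedtuple

Packet = namedtuple("Packet", "src dst dport")

WAN_IP = "203.0.113.10"   # assumed public address (constructed placeholder)
FW_LAN = "192.168.3.3"    # m0n0wall LAN address (from the thread)
SERVER = "192.168.3.10"   # web server (from the thread)
OVERRIDES = {"www.azadian.ch": SERVER}  # the DNS forwarder entry suggested above


def resolve(name, overrides=None):
    """LAN-side name lookup: an override wins, otherwise the public address."""
    return (overrides or {}).get(name, WAN_IP)


def firewall(pkt, iface, reflect=False, snat=False):
    """Return (handler, packet) after the firewall's NAT decision."""
    if pkt.dst != WAN_IP or pkt.dport != 80:
        return "forward", pkt
    if iface == "wan" or reflect:
        # Port forward (DNAT): rewrite the destination to the internal server.
        pkt = pkt._replace(dst=SERVER)
        if iface == "lan" and snat:
            # Hairpin SNAT: the server now sees the firewall as the client.
            pkt = pkt._replace(src=FW_LAN)
        return "server", pkt
    # No forward applies on this interface: the firewall itself owns WAN_IP.
    return "firewall-gui", pkt


def connect(client, target, iface="lan", **nat):
    """Model one HTTP request and report what the client ends up with."""
    if target == SERVER:
        return "ok"  # same subnet: delivered directly, firewall not involved
    handler, seen = firewall(Packet(client, target, 80), iface, **nat)
    if handler != "server":
        return handler
    if iface == "wan" or seen.src == FW_LAN:
        return "ok"  # reply goes back through the firewall, which un-NATs it
    # The server answers the LAN client directly from SERVER, but the client
    # opened its connection to WAN_IP, so the reply matches no socket.
    return "reply-dropped"


if __name__ == "__main__":
    lan_client = "192.168.3.20"  # constructed LAN host
    print(connect(lan_client, WAN_IP))                           # firewall-gui
    print(connect(lan_client, WAN_IP, reflect=True))             # reply-dropped
    print(connect(lan_client, WAN_IP, reflect=True, snat=True))  # ok
    print(connect(lan_client, resolve("www.azadian.ch", OVERRIDES)))  # ok
```

The `firewall-gui` result corresponds to the symptom in the original question; the `reply-dropped` case shows why a LAN-side DNAT rule needs a matching source rewrite before it behaves like the setup described at the top of this message.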