I can access website from external but not from internal

aputia · Mon Nov 01, 2021 12:21 pm

Hi,
I have a RB760iGS board. I have default configuration:
- ethernet 1 is WAN
- ethernet 2, 3, 4, 5 is bridged on my lan

My LAN is 192.168.0.0/24
My website: http://MYDOMAIN.COM that is connected with my internal server 192.168.0.67

If I connect to http://MYDOMAIN.COM from WAN (eg my smartphone with mobile network) everything works.
If I connect to http://MYDOMAIN.COM from LAN, it is unreachable.

I created a srcnat rule, but it doesn't work

/ip firewall nat add action=masquerade chain=srcnat dst-address=192.168.0.67 dst-port=80 protocol=tcp src-address=192.168.0.0/24 comment=http from LAN

Now, because I have several services on my server 192.168.0.67 (80, 443, 21, etc etc) reachable using MYDOMAIN.COM, is there a way to enable all of them in order I can access from LAN using domain name?

Thanks

mkx · Mon Nov 01, 2021 1:30 pm

Either have split DNS (so that it returns LAN IP addresses to LAN clients) or configure hairpin NAT.

anav · Mon Nov 01, 2021 3:02 pm

Sounds like hairpin nat scenario.
viewtopic.php?t=179343

karlisi · Mon Nov 01, 2021 3:27 pm

Modify nat rule to this (assuming your bridge is called LAN)

/ip firewall nat add action=masquerade chain=srcnat dst-address=192.168.0.67 src-address=192.168.0.0/24 out-interface=LAN comment="http from LAN"

I can access website from external but not from internal

I can access website from external but not from internal

Re: I can access website from external but not from internal

Re: I can access website from external but not from internal

Re: I can access website from external but not from internal

Who is online