1

My WAN public address is linked to the server with NAT. How can I set up the firewall to let all local computer use the same NAT rules for www.mypublicaddress.com address from INSIDE the network?

I know the other option is to create a dns zone, however this way I can not use the same NAT rules (redirect by tcp port).

Thanks.

Tobia
  • 1,272
  • 9
  • 41
  • 81
  • For example a tcp80 request to www.mydomain.com (dns to wan port) is redirect to the local web server, so from outside everthing works. By INSIDE (LAN) I can not connect to www.mydomain.com because I will contact the firewall wan port and the nat rules are not applied from an inner request. – Tobia Nov 13 '13 at 14:12
  • Understood now, but I don't know if it is possible with that device or not. That's called NAT reflection or Hairpin NAT. You'd have to ask Zyxell support if the device supports it. You're better off setting up a DNS entry internally for that www host even if it means creating a new internal DNS zone for it, so that the traffic never traverses the firewall. – TheCleaner Nov 13 '13 at 14:17
  • Yes it is the second option in my answer, but this way I can not manage multiple services (for example tcp21 of www.mydomain.com is redirect to a differente ftp server) from the same address like NAT does. Thanks, I will look for NAT reflection as you said. – Tobia Nov 13 '13 at 14:23
  • Understand. You'd have to change up the way it works internally, with new A records for things like "ftp.mydomain.com" etc. Why the need to have the same A record externally though? I get the single WAN IP translation need, but why not make FTP be "ftp.mydomain.com" with the same IP as your "www" host, etc.? That way users see a more common hostname and it doesn't get as confusing. – TheCleaner Nov 13 '13 at 14:27
  • I agree with you, I will consider it. – Tobia Nov 13 '13 at 15:23

0 Answers0