Domain – Having two subdomains on one public IP address behind pfSense router

Tags: domain, domain-name-system, pfsense, port-forwarding, traffic-management

I have one public static IP address.
I have my main domain registered at a local Internet provider and their DNS.

My main router is pfSense and behind it I have my local network.

My web server is on the local LAN, and pfSense is doing NAT (port redirect) of web traffic to the local server.
Now I need one more web server inside my LAN (on another local IP address) (e.g. a mail server) and I need another domain or subdomain.

Can I register a new domain pointed to the same public IP address, and tell pfSense to redirect traffic differently according to the domain? I am planning to use both domains on the HTTP (80) port.

Is it possible for pfSense to redirect to one local IP when a request calls domain.com
and to do different port forwarding when a request on the same public IP address calls subdomain.domain.com?

If this is possible, which pfSense module should I install and configure, and how?

Best Answer

This can be done with the squid3 package. squid3 includes a Reverse Proxy server.

Install the squid3 package...

  1. System > Packages
  2. Scroll down to squid3 and press the + button

After installation go to Services > Reverse Proxy

Under the General tab...

  1. Reverse Proxy interface: WAN
  2. external FQDN: YourFQDN.com (this should be your main name, but it doesn't mean you're limited to subdomains of the name you put there)
  3. Enable HTTP reverse mode checked

Under the Web Servers tab, add the (internal) IP of each of your servers

  1. Press the + button
  2. Enable this peer checked
  3. Peer Alias: make up a nickname for your server
  4. Peer IP: the IP address of your server
  5. Peer Port: the port for your server (probably 80)
  6. Save

Under the Mappings tab, add the domain name for each of your servers

  1. Enable this URI checked
  2. Group name: make up a nickname
  3. Peers: select the corresponding server you set up in the Web Servers tab
  4. Save

Finally, under Firewall > Rule, create a rule to direct traffic to the reverse proxy server

  1. Press the + button to add a rule
  2. The default settings...
    • Pass, WAN, TCP, Source Type any
  3. Destination: WAN address
  4. Destination port range: HTTP
  5. Save

This rule should be LAST if you have other rules configured forwarding from the outside in.

Any names you use must be registered to point to your external IP -- so if your domain name is example.com, in order to create subdomains in pfSense you will need to set up a record with your domain registrar to point *.example.com.

I learned from this helpful tutorial: http://sdrv.ms/V8qLfK
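
The name-based selection that the Web Servers and Mappings tabs configure can be modelled in a few lines. This is an added example, not part of the answer and not squid's or pfSense's code; the hostnames, internal addresses and function names are constructed, and denying any request whose Host value is missing, duplicated or unmapped is a design choice of this model.

```python
# Added illustration: hostnames and internal addresses are constructed samples.
from typing import Optional, Tuple

# "Web Servers" tab: peer alias -> (internal IP, port)
PEERS = {
    "web": ("192.168.1.10", 80),
    "mail": ("192.168.1.20", 80),
}

# "Mappings" tab: public hostname -> peer alias
MAPPINGS = {
    "example.com": "web",
    "www.example.com": "web",
    "mail.example.com": "mail",
}


def host_from_request(raw: bytes) -> Optional[str]:
    """Return the normalized Host header value, or None if absent or ambiguous."""
    head = raw.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    hosts = [
        line.split(":", 1)[1].strip()
        for line in head.split("\r\n")[1:]  # skip the request line
        if line.lower().startswith("host:")
    ]
    if len(hosts) != 1 or not hosts[0]:
        return None  # missing or duplicated Host: refuse to guess
    host = hosts[0].lower()
    if host.startswith("["):
        return None  # IPv6 literal, never a mapped name
    if ":" in host:
        host = host.rsplit(":", 1)[0]  # drop the ":port" suffix
    return host.rstrip(".")  # "example.com." and "example.com" are the same name


def select_peer(raw: bytes) -> Optional[Tuple[str, int]]:
    """Pick the internal server for a request; None means deny."""
    host = host_from_request(raw)
    alias = MAPPINGS.get(host) if host else None
    return PEERS[alias] if alias else None
```

Both names resolve to the same public IP, so the Host header is the only thing that distinguishes the two sites; a request that names the bare IP or an unmapped hostname reaches neither internal server in this model.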