asked on

Cannot access hosted server internally

We have a hosted server with an ssl certificate which we can access externally but on the wifi (dns external) we cannot access the hosted server. With the wifi and the hosted server are on different subnets behind the same firewall. Does anyone have any suggestions how we can overcome this issue?

footech

Pretty sure the issue is with your firewall (not really a problem, but a factor of design). Most firewalls above the most basic don't allow traffic that originates on one interface to go through another. So you can't have traffic that comes from internal hit the WAN interface where the public IP for the server is. I've heard of some firewalls that will allow you configure this, but I don't have any names offhand.

The typical way to solve this when it's all on one network is to create an entry on your internal DNS to resolve the name to the internal IP of the server.

If you had a Cisco ASA I think you could use their DNS doctoring feature which modifies the traffic in transit. As it stands now, I don't see a solution. Without something like a Cisco, the wifi network would need to use a different DNS where you can control the records such that the FQDN for the server resolves to an IP which is reachable from the wifi network.

This question needs an answer!

Become an EE member today

7 DAY FREE TRIAL

Members can start a 7-Day Free trial then enjoy unlimited access to the platform.

View membership options

Learn why we charge membership fees

We get it - no one likes a content blocker. Take one extra minute and find out why we block content.