Forum Discussion

harshak777's avatar
harshak777
New Contributor
6 months ago
Solved

Unable to access self hosted server via public IP

I have a Raspberry Pi at home that I often use for development purposes. And I am able to access(SSHd running on a custom port) this device when I am on my home network (LAN) using its private IP.

The custom port where my device's SSHd runs is port-forwarded using the Cox Panoramic WiFi app. 
Until a few days ago, I was able to access my device using the router's public IP via custom port.

Currently, I am still able to access the device using the public IP when I am outside the LAN. But I am not able to access using the public IP when I am on my home network (LAN). Does anyone have any solutions?

Port forwarding
  • ExtraChrispy's avatar
    ExtraChrispy
    6 months ago

    Short answer, you need to be using the internal IP for access while on the internal LAN and the public IP when outside of the LAN.  This is how most consumer routers work.  NAT reflection tends to be more of a commercial router feature:

    https://docs.netgate.com/pfsense/en/latest/nat/reflection.html

3 Replies

Sort By
Replies have been turned off for this discussion
  • ExtraChrispy's avatar
    ExtraChrispy
    Contributor III
    6 months ago

    Short answer, you need to be using the internal IP for access while on the internal LAN and the public IP when outside of the LAN.  This is how most consumer routers work.  NAT reflection tends to be more of a commercial router feature:

    https://docs.netgate.com/pfsense/en/latest/nat/reflection.html

    • harshak777's avatar
      harshak777
      New Contributor
      6 months ago

      What would you recommend as a solution if I want one domain to resolve differently based on the network (home vs outside)?

      • ExtraChrispy's avatar
        ExtraChrispy
        Contributor III
        6 months ago

        Now you're describing the Split DNS scenario in that link I posted.  pfSense firewalls feature a DNS resolver that makes accomplishing this very easy but this probably doesn't apply to you.  The basic idea is you need a DNS server of some kind inside your LAN that resolves the desired domain name(s) to internal IP addresses when you're connected to your LAN.  Then you'll need to edit your DHCP server to hand out the IP address of your internal DNS server to devices connected to the LAN.  Those same domain names can be hosted on external DNS servers which would resolve to your public IP address.  When you're outside of the LAN, your device will see public DNS servers and not the internal.

        You can use one of many dynamic DNS providers to help automatically update  your DNS whenever your public IP changes.  I have a domain name hosted with CloudFlare and my pfSense firewall has an API that can update my dynamic DNS record whenever the public IP of my firewall changes.

        I don't think you're going to have much success with this if you're relying on a Panoramic Wifi router.  If hosting your own DNS just isn't an option, you could resort to hacking your hosts file when connected via LAN but you'll have to remember to unhack it when external.  For Windows, you'll want to look at the file %WINDIR%\system32\drivers\etc\hosts.