1

I did set up a few applications on a local server using pihole for local DNS and Traefik for providing SSL certificates. It all runs behind OPNsense firewall. Internet connection is DSL provided by Fritzbox then it goes WAN port on OPNsense server.

We have a static public IP. But right now I am using only local IP throw local DNS to access the services. I want to provide access to some services also from the internet. I don't want the users from local network take any internet bandwidth, while we have only 93/36 Mbit connection and the internal network is used by 30-60 users ...

I have no idea how to go about it. I guess I should be using the fixed public IP but somehow redirect the traffic on the firewall directly to the internal IP if the requests come from one of the VLANs? Any tips?

Also, I am not sure how to set up the NAT on Fritzbox and OPNsense for users connecting from the internet.

LeonardoCA
  • 11
  • 1
  • You often see split horizon DNS ; for interrnal clients app.example.com will resolve to the internal IP-address of the server and for internet users to your static public IP. - But also consider that when set up correctly: for internal users that access your own public IP-address, they don't actually use your internet bandwith. Your NAT router will handle that traffic internally and won't route that traffic over your internet uplink... https://serverfault.com/q/55611/37681 – HBruijn Aug 20 '22 at 10:44

0 Answers0