Thanks again for all of your help rg305. As I had to use a different port number in the end, I just used NAT on my firewall and redirected an open port to 1883.
This is working as expected. Ideally I didn’t want to open more holes if possible. Never mind.
A quick side question about internal proxying and naming conventions, if you are able to answer?
pfSense has two internal networks, one for LAN and one set up as a DMZ, and connects to a managed HP layer three switch.
My family devices (laptops, phones, tablets, PCs) all reside on the LAN. I’m hosting some services on my Unraid server (which resides on my LAN, but has a tagged VLAN for the dockers): Nextcloud, Home Assistant, AppDaemon, etc., and other than the UniFi controller they are all on the DMZ VLAN.
Incoming traffic all comes in on port 80 and is directed to the letsencrypt docker, which handles SSL offloading and rewrites the URL to services in the DMZ and my media server on my LAN.
Each docker resides on a separate IP address, and generally on their proprietary ports (i.e. Nextcloud runs on port 443, Home Assistant on 8123, etc.).
My URL rewrite rules direct traffic to the correct places and include the port info.
My internal network is called similardomain.local.
I was using a separate VLAN for my smart tech, but moved it to the DMZ. All of the smart tech is connected to its own Wi-Fi, so that if there is a problem I can just take that Wi-Fi offline.
So to the question:
I want to be able to continue to use the URLs rather than IP addresses and port numbers, as some of the services are used by my wife, children and some family members.
Do I need to set up NAT reflection, or do I need to add some special DNS entries?
Any help is appreciated.
And should I have my home network name as a subdomain of my external name,
i.e. http://internal.domain.co.uk/, or should I keep it as similardomain.local?
I really appreciate your time!