DrayTek UK Users' Community Forum

Help, Advice and Solutions from DrayTek Users

Draytek 2860 on 3.8.9.1_BT - NAT Loopback / Reflection

11 Sep 2018 20:23 #1 by foxdie
Hi folks,

I need to be able to access services from within my LAN using a public-facing hostname (for SSL mainly), as in NAT loopback / reflection / hair-pinning.

I can access my services externally with no issue, just not from my LAN via my public-facing hostname. This worked many moons ago but no longer does.

I own a 2860n and am currently using 3.8.9.1_BT (have checked release notes for 3.8.9.2 but nothing listed addresses this fault). My main interface is WAN2 connected to Virgin Media. WAN1 is not used / disabled.

As for the setup, firewall rules are pretty basic for testing (allow everything except known-bad ports) and I'm using Open Ports to forward traffic to my internal web server. I've configured my Draytek so that it's not listening on 80 / 443 for any service (and to reiterate, my web server is accessible completely fine from outside my LAN).

There's at least one Google hit that suggests rolling back to v3.3.3 but I really don't fancy doing that ;)

Please can someone advise, and if relevant, can Draytek investigate and address this bug?

11 Sep 2018 20:29 #2 by hornbyp
There's a bit of a debate as to whether this is a fault or not...
...personally, I think it is.

It definitely works on my 2830 and definitely doesn't work on my 2860. I don't think it's ever worked on the 2860...
**EDIT** Please ignore this - I'm talking drivel :oops:

As for getting it fixed - you'll have to take this route: https://www.draytek.co.uk/support/techquery

I'd be interested to hear their response.

11 Sep 2018 21:31 #3 by maxwellhadley
I'm not 100% sure, but it sounds like the same issue I had:

https://forum.draytek.co.uk/viewtopic.php?f=2&t=22328&hilit=DNS+SSL

You can configure the 2860 to intercept DNS lookups for specific host names and return any IP address you want (at least it works for IPv4, not sure about IPv6).

12 Sep 2018 18:42 #4 by foxdie
Hi chaps, thanks for the response.

I'd still like Draytek to address and fix this issue, but in the interim I've added a LAN DNS override under *Applications >> LAN DNS / DNS Forwarding*, thank you for the suggestion :)

Draytek, please fix this regardless, seems like a rather important shortcoming for small businesses that rely on an internally hosted server.

13 Sep 2018 01:05 #5 by hornbyp

> foxdie wrote: I need to be able to access services from within my LAN using a public-facing hostname (for SSL mainly), as in NAT loopback / reflection / hair-pinning.
>
> I can access my services externally with no issue, just not from my LAN via my public-facing hostname. This worked many moons ago but no longer does.
>
> I own a 2860n and am currently using 3.8.9.1_BT (have checked release notes for 3.8.9.2 but nothing listed addresses this fault). My main interface is WAN2 connected to Virgin Media. WAN1 is not used / disabled

Having read your question again, I realised I'd answered a totally different one :cry: (I was thinking about accessing your own VPN server, from the LAN) :oops:

In the case of what you are actually trying to do, then yes, that does work with my 2860n (also with Virgin Media on WAN2). I don't think I had to do anything special to make this work...
