I just set up Authenticated Origin Pulls for my domain, but there’s one thing I can’t get my head around.
I like to access my services from inside my network using the domain instead of the IP address. I have a pfSense box as my firewall, and I have NAT reflection on, but as far as I can figure, that won’t have the correct cert with its request so it won’t work.
What are the best practices for having the authenticated origin pull in pace for outside the network phoning in, but still being able to access the services from inside the firewall?