Hi there
In order to expose the firewall to a public IPv4 address we should change current host.domainname aka firewall.localhost to a FQDN.
So, is it the right way to do this via setup in the CLI an set it like this?
**hostname = change “localhost” to the machines name like “srv-01.” **
domainname = “mydomain.com”
In the end it is the FQDN like in the DNS at our domainprovider.
Thanks for advice
Jack
local domain is the local domain which should be unique local or standard local name.
Since I live in south dakota, so when they rejected adding sdak as a FQDN name that I wanted added to the system I used sdak as my domain name on my network. Because its unique and local. I needed to use such a domain name so my CA and cert ocsp server that I run (or will be running here in about a month) inside the network will service all of the certificates. Why people ask, because I can. I could use public certs with my public SSL server but I rather run a separate and sealed system than use what I have servicing other sites on the web. Plus it will keep managing it simple and separate from the web hosting business.
But since you are hosting a site, what you do in the web’s name server that is at your registrar site is put your name, www, and mx entries there (with the outside ip addres) and inside ipfire, you put the website’s name (i.e. example.com and www.example.com ) in hosts with the actual ip address of the server (its inside address on orange or wherever).
Thanks for your attention.
Is it even important that I use a FQDN in ipfire? Or can I just use a fictitious name?
And yes, there are services running behind the firewall that can be accessed via the reverse proxy.
You don’t want to use a public fqdn for the network. Either non standard 4 letter name or the standard .local name. .local is what is traditionally used but I run a 4 letter non standard name because my ssl certificate server will not issue .local certificates (because .local is for self signed only) to my cameras, printers and things like that.
You can host any .com, .net, .org, …etc servers on the ipfire. I would put their FQDN in hosts so any computer on the local network that goes to it will resolve locally within the network.
ok. Then I just can stay with ipfire.localhost. There is no green network and no local user inside. Just a few servers behind the firewall, staying in my company because of fast internet and cheap electricity 
No office there…