now when private machines trying to reach abc.com they receive public IP x.x.x.x and get connection refused as public IP is not able to service the request coming from inside network to translated network.
how can this be achieved without doing manual changes on local computers.
As the other respondent said you need to employ “hairpin NAT”, which basically involves two things:
a destination NAT – that applies to traffic sourced from inside your private network, but destined to the server public IP, which you’ll DNAT to the server private IP; (this will generate a nat / PREROUTING-j DNATiptables rule;)
a source NAT – that applies to the same traffic as above, by replacing the source address with the router’s own IP; (although I think any non-local IP would do;) (this will generate a nat / POSTROUTING-j MASQUARADEiptables rule;)
For the destination NAT you match traffic based on the destination IP being the public one, meanwhile for the source NAT you match traffic based on the destination IP being the private one of the server. (I don’t think you are required to add any source addresses and outbound interfaces to the source NAT rule as the documentation states.)
Note however that if the web server needs to take into account the IP address of the client, it will only see the IP address of the router.