[pfSense] creating a 1:1 NAT WAN to DMZ
moshe at ymkatz.net
Mon Feb 13 09:30:13 EST 2012
Here is a summary of my setup.
I have Virtual IPs (of type ProxyARP) for each of my IPs as you mentioned.
Do not put a Virtual IP for the address that you gave to the firewall
itself (in my case .82).
Make sure that the Virtual IPs are on the WAN interface.
Set up your DMZ interface (and your servers). Mine is using
In 1:1 NAT, add entries for each public IP. Make sure that the interface
for these entries is set to "WAN".
Create an alias with the INTERNAL addresses of all servers that will accept
connections on Port 80.
In the WAN Rules Tab, create a rule to pass port 80 traffic to all servers
in this alias. This part is not completely intuitive because the rule is
on WAN but it is using the private addresses, not the WAN addresses.
It may help for you to attach screenshots of the rules you have.
-- moshe at ymkatz.net
On Sun, Feb 12, 2012 at 10:57 PM, Jason T. Slack-Moehrle <
slackmoehrle at gmail.com> wrote:
> Hi Moshe,
> > I created an alias with the INTERNAL addresses of all web servers. The
> > is that these are the INTERNAL addresses, not the external addresses. I
> > have similar aliases and rules for HTTPS and all other needed ports.
> OK, I have done everything that we talked about and I am still not
> getting what I want.
> I have 5 static IP's that I want the WAN to answer for. But for the
> WAN Interface I am giving it only one of the IP's.
> I have 75.xx.xx.25 - 29 /29
> so my subnet mask would be 255.255.255.248
> My gateway is 75.xx.xx.30
> I am assigning the IP on the WAN 75.xx.xx.28.
> I dont see how to make it answer for all 5 IP's I have unless it does
> it automatically some how and I am not sure how it would.....
> In Firewall -> Virtual IP's I also tried adding
> 75.xx.xx.25 /32
> 75.xx.xx.26 /32
> 75.xx.xx.27 /32
> but that does not seem to help.
> Any more ideas what I might be doing wrong?
> List mailing list
> List at lists.pfsense.org
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the List