• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Access from wan pfsense with nat

General pfSense Questions
pfsense 2.6.0 nat proxmox
2
4
917
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • M
    ManuelDev
    last edited by ManuelDev Jun 23, 2022, 1:36 PM Jun 23, 2022, 1:31 PM

    I have a proxmox server in which I have virtualized pfsense.

    I try to be able to access the pfsense console from outside the network.

    🔒 Log in to view

    For it:

    I use ufw firewall which will do nat from my network to the pfsense wan ip.

    Edit before.rules file:
    ### NAT ###
    *nat
    :PREROUTING ACCEPT [0:0]
    :POSTROUTING ACCEPT [0:0]
    -F
    
    # Port Forwardings
    -A PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to-destination 10.99.99.254
    -A PREROUTING -i vmbr0 -p tcp --dport 443 -j DNAT --to-destination 10.99.99.254
    
    # Forward traffic through eth0 - Change to match you out-interface
    -A POSTROUTING -s 10.99.99.0/24 -o vmbr0 -j MASQUERADE
    
    COMMIT
    ### EOF NAT ###
    
    

    We install pfsense and assign the wan bridge 10.99.99.254

    When I try to access the pfsense interface from the server's public ip it doesn't work :(
    What am I doing wrong ?

    Another option would be to hire a second public IP for my server and put this as the pfsense wan. But I would like to avoid this because of the cost involved...

    S 1 Reply Last reply Jun 23, 2022, 2:20 PM Reply Quote 0
    • S
      stephenw10 Netgate Administrator @ManuelDev
      last edited by Jun 23, 2022, 2:20 PM

      Do you have rules on WAN in pfSense to allow that?

      M 1 Reply Last reply Jun 23, 2022, 2:37 PM Reply Quote 0
      • M
        ManuelDev @stephenw10
        last edited by Jun 23, 2022, 2:37 PM

        @stephenw10 said in Access from wan pfsense with nat:

        Do you have rules on WAN in pfSense to allow that?

        About pfsense I still don't have anything, it's just installed
        According to the following documentation, it seems that it was not necessary to establish any previous configuration in pfsense
        If not, I suppose that you should access pfsense from another machine hosted on the server.
        If so, what rule should I apply in pfsense to allow nat from my network and be able to access pfsense from wan?

        1 Reply Last reply Reply Quote 0
        • S
          stephenw10 Netgate Administrator
          last edited by Jun 23, 2022, 11:57 PM

          pfSense will only allow access from the WAN side by default if there is only one interfaces assigned. As soon as you assign two of more interfaces all connections to WAN are blocked by default and you need to add WAN firewall rules to allow them.

          1 Reply Last reply Reply Quote 0
          1 out of 4
          • First post
            1/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.