server behind pfSense

stetsip

Hi,

I m new with pfsense and i need a help on setting up.

I have a server with two network cards from witch i want only to send (not recieve) email messages (SMTP) port 587. No other internet activity. Everything block. No other pc or server needed to access internet.

One network card of Server is connected to my LAN.

I need to set up a firewall (a PC with two network cards).
One network card will be connected to external network (internet).

Please i need help how to set up.

Can i connect the second network card of server directly on pfsense pc internal network card?
I have to make a vlan between server and pfsense pc?
What rules (or NAT ?) i have to setup for best network safety?

Thank you in advanced!

Gertjan

@stetsip

To make this work, there is nothing special to do.

Set up pfSense as it "comes out of the box", with LAN = 192.168.1.1/24 etc.
Hook your 'server' up to the pfSense LAN.
Make sure your server got a LAN IP, and that DNS points to 192.168.1.1, the same thing for its gateway.

The default LAN firewall rule will work fine.

@stetsip said in server behind pfSense:

Can i connect the second network card of server directly on pfsense pc internal network card?

Don't use this second card.

@stetsip said in server behind pfSense:

What rules (or NAT ?) i have to setup for best network safety?

No NAT rules needed. Your server only sends mail and does not receives mails.

@stetsip said in server behind pfSense:

I have to make a vlan between server and pfsense pc?

Noop.

stetsip

@Gertjan said in server behind pfSense:

Can i connect the second network card of server directly on pfsense pc internal network card?

Thank you for your assistance..

My server is on LAN with other PCs and IP range: 10.xxx.xxx.xxx.

Only the Server needs to have access to the internet with firewall.

Gertjan

@stetsip said in server behind pfSense:

My server is on LAN with other PCs and IP range: 10.xxx.xxx.xxx.

Only the Server needs to have access to the internet with firewall

Go for the most easy solution :
Connect only your 'server', do not connect the PC's.

stetsip

@Gertjan said in server behind pfSense:

@stetsip said in server behind pfSense:

My server is on LAN with other PCs and IP range: 10.xxx.xxx.xxx.

Only the Server needs to have access to the internet with firewall

Go for the most easy solution :
Connect only your 'server', do not connect the PC's.

So i have to connect the second network card of the server on pfsense innernal LAN. Have i right?
One network card of the server will be used for LAN and the other for connection with pfsense. Have i right?

If no can you explain me how?

thank you

Gertjan

@stetsip

[Your ISP] <====> <WAN-pfSEnse>[PFSENSE]<LAN-pfSEnse> <=={ this is your LAN } ===> <server>

So, your "LAN" is the cable between the pfSense LAN port and the server network card.

You don't need the second network interface on the <server> device.