Nat and dmz help

ugur · Aug 30, 2006, 8:45 AM

wan
router
212.175.221.1/24
|
pfsense
212.175.221.2/24
(c klass)
nic1 | nic2
+–-----------------------------------------------------------------------------+
| |
dmz lan
10.6.1.1/24 10.6.2.1/24
+---------------------+--------------------+ (nated)
| | |
www ftp mail
10.6.1.21/24 10.6.1.61/24 10.6.1.11/24

nic configs:
wan: 212.175.221.1/24
lan: 10.6.2.1/24 (gateway wan)
dmz: 10.6.1.1/24 (gateway or bridge required?)

vips:
wan vip carp: 212.175.221.3/24 (24?)
….to
212.175.221.254/24

dmz vip carp: 10.6.1.0/24 (required?)

pfw:
wan: 212.175.221.21 port 80 to 10.6.1.21 port 80
wan: 212.175.221.61 port 21 to 10.6.1.61 port 21

advanced outbound nat: enabled

for lan: 10.6.2.101 to 212.175.221.101
....to
10.6.2.254 to 212.175.221.254

for dmz: 10.6.1.21 to 212.175.221.21
10.6.1.61 to 212.175.221.61
10.6.1.11 to 212.175.221.11

disable nat reflection: unchecked

rules:
lan: only http, ftp, pop3 and smtp to any
dmz: any to any
wan: any to www/port http
any to ftp/port ftp
any to mail/port smtp/pop3

lan access outside success: http, ftp, pop3, smtp
dmz to any not accessed
any to dmz not accessed

whats wrong?

ugur · Oct 4, 2006, 6:12 PM

pfsense is great product

and great support..

thnx.

sullrich · Oct 4, 2006, 8:58 PM

So is your bogus bug report.