Wan to Wan Routing, I don't know how to do it

karenneko

Hello people,

I am trying to do a wan-to-wan routing for my system using pfsense. But I got struck in the last step where I should be able to send packets from WAN to LAN.
Firstly, the network map I have to design is as below: (50.4.30.x IP's are real public WAN IPs, not a private IP)

internet
|
router (ip=50.40.30.1/24)
|
firewall (ext ip=50.40.30.2 - /dont know what should be the subnet) (int ip=variable)
|
switch
|
servers (i.e.: ip=50.40.30.5/24, default gateway is 50.40.30.1)

What I did was:

• I created a Proxy-ARP mode VIP on LAN for 50.40.30.1 so that the servers doesnt have to know the fw's internal IP. I tested it and it seems working.
• Temporarily, I created a FW rule in both LAN and WAN that allows all kinda traffic from everywhere.
  My problem is:
• I can send pings/reach from my server (50.40.30.5) to 8.8.8.8 (for example), but I cannot ping/reach my server from an external IP.

What can be the problem?
And how should I configure pfsense for this purpose?

I really appriciate your help.
Thanks in advance.

Edit, just to make sth sure:
I am using real public IP adresses for my servers and I want to reach my servers from outside with their real public IPs.

GruensFroeschli

You should set your pfSense into bridging mode.

• Get rid of the VIPs.
• Don't assign a public IP to the WAN or LAN of the pfSense.
    Just set a private IP so you can manage it.
• After bridging LAN to WAN, make sure your servers have as default gateway the router 50.40.30.1/24 (the router in front of the pfSense).
• Create rules on the pfSense allowing traffic from the WAN to your server and from your servers to the internet (if they need internet access).