Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Web server behind pfsense 2 firewall

    Scheduled Pinned Locked Moved NAT
    23 Posts 7 Posters 33.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      mibovrd
      last edited by

      Well, the only other thing I can suggest is to apply the Server IP to a VIP outside of your network, change the actual IP of the server to one inside your network range, and then create a 1:1 NAT between them.

      Or your back to VLAN's again.

      Tweet: MIBovrd@cqrite http://www.cqrite.com

      1 Reply Last reply Reply Quote 0
      • N Offline
        nahid
        last edited by

        lankanatha,

        Create aliases for both of the IP's (Internal Web Server and External IP that you use for your domain).
        Then make port forward for the desired ports.

        Attached you can get the example.

        PortForward.png
        PortForward.png_thumb

        1 Reply Last reply Reply Quote 0
        • L Offline
          lankanatha
          last edited by

          Thank you.
          :-)
          @nahid:

          lankanatha,

          Create aliases for both of the IP's (Internal Web Server and External IP that you use for your domain).
          Then make port forward for the desired ports.

          Attached you can get the example.

          1 Reply Last reply Reply Quote 0
          • L Offline
            lankanatha
            last edited by

            but still it doesnt work,
            please provide step by step configuration for redirect port 80 to internal server.
            thank you.

            @nahid:

            lankanatha,

            Create aliases for both of the IP's (Internal Web Server and External IP that you use for your domain).
            Then make port forward for the desired ports.

            Attached you can get the example.

            nat.jpg
            nat.jpg_thumb

            1 Reply Last reply Reply Quote 0
            • C Offline
              cmb
              last edited by

              That last post's screenshot is correct assuming the WANIF alias contains an IP assigned to your WAN (or an IP routed to you, or a virtual IP). What's in that alias?

              1 Reply Last reply Reply Quote 0
              • JSmoradaJ Offline
                JSmorada
                last edited by

                I'm having what appears to be a related problem. My pfSense 2.0.1 box was running great until a thunderstorm knocked out the power. When I tried to bring the firewall back up, the file system was corrupt to the point where I had to do an install from scratch. I used the latest config backup I had, which was from Feb 2012, but when it got to  "conifguring firewall" on the console, it would hang. So, I started from scratch. I have a web server behind the firewall that I make accessible to the outside world but whenever I try to access a web page on it, it tries to go in as https instead of http. Is there something I'm missing here? I tried the suggestions below and it still isn't working. This shouldn't be rocket science and I've done it before…

                Thank You,
                Jon

                1 Reply Last reply Reply Quote 0
                • JSmoradaJ Offline
                  JSmorada
                  last edited by

                  Unfortunately, I couldn't afford to have my web server down, so I had to fall back to an old FVS-318 and have a Juniper appliance on the way.

                  @nipstech:

                  I'm having what appears to be a related problem. My pfSense 2.0.1 box was running great until a thunderstorm knocked out the power. When I tried to bring the firewall back up, the file system was corrupt to the point where I had to do an install from scratch. I used the latest config backup I had, which was from Feb 2012, but when it got to  "conifguring firewall" on the console, it would hang. So, I started from scratch. I have a web server behind the firewall that I make accessible to the outside world but whenever I try to access a web page on it, it tries to go in as https instead of http. Is there something I'm missing here? I tried the suggestions below and it still isn't working. This shouldn't be rocket science and I've done it before…

                  Thank You,
                  Jon

                  1 Reply Last reply Reply Quote 0
                  • chpalmerC Offline
                    chpalmer
                    last edited by

                    @lankanatha:

                    Hi,
                    i want setup web server behind firewall.please tell step by step instruction for fresh installation of pfsense 2.
                    thank you.

                    i have pc with two NIC
                    wan–---> real ip(xxx.xxx.xx.xx/27)
                    LAN----->172.16.1.1/24

                    Make your LAN 172.16.1.0/12

                    Triggering snowflakes one by one..
                    Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

                    1 Reply Last reply Reply Quote 0
                    • L Offline
                      lankanatha
                      last edited by

                      WANIF is alias of wan ip
                      @cmb:

                      That last post's screenshot is correct assuming the WANIF alias contains an IP assigned to your WAN (or an IP routed to you, or a virtual IP). What's in that alias?

                      1 Reply Last reply Reply Quote 0
                      • L Offline
                        lankanatha
                        last edited by

                        i think you are right…this is not software error...it is hardware.hardware geometry error.
                        my problem is very simple..but isnt work.previously i used freebsd 8 as my gateway.after thunderstorm
                        its damaged.after that i had installed it correctly but portforwarding isnt work.this is bug of freebsd.
                        hence i thought use pfsense as gateway and installed it on same server.but it still not working.
                        :-(
                        hardware error(slice error??)

                        @nipstech:

                        I'm having what appears to be a related problem. My pfSense 2.0.1 box was running great until a thunderstorm knocked out the power. When I tried to bring the firewall back up, the file system was corrupt to the point where I had to do an install from scratch. I used the latest config backup I had, which was from Feb 2012, but when it got to  "conifguring firewall" on the console, it would hang. So, I started from scratch. I have a web server behind the firewall that I make accessible to the outside world but whenever I try to access a web page on it, it tries to go in as https instead of http. Is there something I'm missing here? I tried the suggestions below and it still isn't working. This shouldn't be rocket science and I've done it before…

                        Thank You,
                        Jon

                        1 Reply Last reply Reply Quote 0
                        • JSmoradaJ Offline
                          JSmorada
                          last edited by

                          That could be the case. The machine was already on it's last leg; the caps on the mobo were starting to swell and the +5v on the power supply sometimes goes under voltage. Whenever I come across another pc; I'll try again.

                          @lankanatha:

                          i think you are right…this is not software error...it is hardware.hardware geometry error.
                          my problem is very simple..but isnt work.previously i used freebsd 8 as my gateway.after thunderstorm
                          its damaged.after that i had installed it correctly but portforwarding isnt work.this is bug of freebsd.
                          hence i thought use pfsense as gateway and installed it on same server.but it still not working.
                          :-(
                          hardware error(slice error??)

                          @nipstech:

                          I'm having what appears to be a related problem. My pfSense 2.0.1 box was running great until a thunderstorm knocked out the power. When I tried to bring the firewall back up, the file system was corrupt to the point where I had to do an install from scratch. I used the latest config backup I had, which was from Feb 2012, but when it got to  "conifguring firewall" on the console, it would hang. So, I started from scratch. I have a web server behind the firewall that I make accessible to the outside world but whenever I try to access a web page on it, it tries to go in as https instead of http. Is there something I'm missing here? I tried the suggestions below and it still isn't working. This shouldn't be rocket science and I've done it before…

                          Thank You,
                          Jon

                          1 Reply Last reply Reply Quote 0
                          • L Offline
                            lankanatha
                            last edited by

                            change it..but notworking.
                            @chpalmer:

                            @lankanatha:

                            Hi,
                            i want setup web server behind firewall.please tell step by step instruction for fresh installation of pfsense 2.
                            thank you.

                            i have pc with two NIC
                            wan–---> real ip(xxx.xxx.xx.xx/27)
                            LAN----->172.16.1.1/24

                            Make your LAN 172.16.1.0/12

                            1 Reply Last reply Reply Quote 0
                            • N Offline
                              nahid
                              last edited by

                              lankanatha,

                              WANIF should be the IP address of your web server as you are going to port forward the web traffic to send them to ur local web server.

                              Try to follow this steps:

                              1. First create an alias (for example BlaWebSeverExternal) with the External IP address of your Web Address
                              2. Create another alias with the Internal IP address (For example BlaWebSeverInternal) of your Web Address
                              3. Then create a port forward that will forward the web traffic on HTTP port from BlaWebSeverExternal to BlaWebSeverInternal
                              4. If it works for HTTP port (80) then add another rule in the same that will forward the traffic on 81 and 82 port as well.
                              1 Reply Last reply Reply Quote 0
                              • L Offline
                                lankanatha
                                last edited by

                                i did it,but it doesnt work.:-(

                                @nahid:

                                lankanatha,

                                WANIF should be the IP address of your web server as you are going to port forward the web traffic to send them to ur local web server.

                                Try to follow this steps:

                                1. First create an alias (for example BlaWebSeverExternal) with the External IP address of your Web Address
                                2. Create another alias with the Internal IP address (For example BlaWebSeverInternal) of your Web Address
                                3. Then create a port forward that will forward the web traffic on HTTP port from BlaWebSeverExternal to BlaWebSeverInternal
                                4. If it works for HTTP port (80) then add another rule in the same that will forward the traffic on 81 and 82 port as well.
                                1 Reply Last reply Reply Quote 0
                                • First post
                                  Last post
                                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.