NAT for DMZ not working
-
Hi,
Recently my hardware firewall failed. Until the replacement comes I need to get pfSense working, but I am failing. I have three physical connections as follows:
•LAN
•DMZ (Opt1)
•WAN
I am trying to get an Internet connection between the DMZ and WAN using NAT but cannot get any DMZ server to receive the Internet. To start with I have fully opened the rules to allow all traffic (once I have the Internet working I will apply the original rules). I can access LAN to DMZ no problem.
I have provided NAT: Outbound rules as follows:
•Interface: WAN
•Source & source port: *
•Destination & dest port: *
•NAT address: *
Note that pfSense can access the Internet fine and performs DNS lookups and pings to Google. From the DMZ, a traceroute to a Google IP also fails. Any suggestions?
-
Did you try the Automatic outbound NAT rule generation?
-
If you are set to manual outbound NAT, you will need to add the DMZ network to the list. I don't think an any is going to work here. There should be a rule for LAN and one for DMZ, setting the source as something like DMZnet or LANnet or 10.0.0.0/24 and such.
-
Have tried the automatic NAT, but no luck.
-
Thanks, podilarius, for your comments, but I have tried your suggestions with no luck.
-
Did you set up an allow rule in the OPT1 firewall settings? By default no rule is added, and all connections will thus be blocked.
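
The two conditions raised in the replies above (an outbound NAT entry on WAN that covers the DMZ network, and a pass rule on the OPT1 interface) can be checked against the loaded pf ruleset from `pfctl -s nat` and `pfctl -s rules`. The following is an added example, not code from this thread or from the pfSense project; the interface names (em0, em1, em2), the subnets and the sample rule lines are constructed assumptions.

```python
import ipaddress
import re

# Constructed `pfctl -s nat` / `pfctl -s rules` output. Interface names
# (em0 = WAN, em1 = LAN, em2 = DMZ/OPT1) and subnets are assumptions.
NAT_OUTPUT = """\
nat on em0 inet from 192.168.1.0/24 to any -> (em0) port 1024:65535 round-robin
"""
RULES_OUTPUT = """\
block drop in log inet all label "Default deny rule IPv4"
pass in quick on em1 inet from 192.168.1.0/24 to any flags S/SA keep state
"""

# Capture the interface and, when present, the source token of each rule.
NAT_RE = re.compile(r"^nat on (\S+) .*?(?:from (\S+) to|all\b)")
PASS_RE = re.compile(r"^pass in .*?on (\S+) .*?(?:from (\S+) to|all\b)")


def _covers(source, subnet):
    """True if a pf source token (None/'any' or a CIDR) contains subnet."""
    if source in (None, "any"):
        return True
    try:
        return subnet.subnet_of(ipaddress.ip_network(source, strict=False))
    except (ValueError, TypeError):  # table, alias, negation, other family
        return False


def _matches(regex, text, iface, subnet):
    """True if any line is a rule on iface whose source covers subnet."""
    for line in text.splitlines():
        m = regex.match(line.strip())
        if m and m.group(1) == iface and _covers(m.group(2), subnet):
            return True
    return False


def check_egress(nat_text, rules_text, wan_if, dmz_if, dmz_cidr):
    """Return the missing prerequisites for DMZ egress (empty list = OK)."""
    subnet = ipaddress.ip_network(dmz_cidr)
    problems = []
    if not _matches(NAT_RE, nat_text, wan_if, subnet):
        problems.append(f"no outbound NAT on {wan_if} covering {dmz_cidr}")
    if not _matches(PASS_RE, rules_text, dmz_if, subnet):
        problems.append(f"no pass rule on {dmz_if} for {dmz_cidr}")
    return problems


if __name__ == "__main__":
    for p in check_egress(NAT_OUTPUT, RULES_OUTPUT, "em0", "em2", "192.168.2.0/24"):
        print("MISSING:", p)
```

Only the rule's interface and source are evaluated; sources given as tables or aliases, and any destination or port restrictions, are not resolved and need a manual look.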