NAT done to VIP But SSH connection not working
-
Hello All,
I have created VIP in IP alias for usable IPs and have done 1:1 NAT for the DMZ servers. But global SSH connection is not happening. Should I create any rule for complete access to the DMZ server globally.
-
[Insert obligatory warning about not opening SSH up to the world unless it's only allowing key-based auth]
1:1 NAT does not add any firewall rules. If you setup 1:1 NAT and want to allow traffic inbound, you must also add firewall rules to the WAN interface which will pass to the local device on the ports you want. Keep in mind that the destination on the firewall rule is after NAT has applied, so it will be your local internal IP address.
-
Can you please help me with the any to any DMZ rule?
-
Can I set any to any port to the single host?
-
You are probably going to have to post exactly what you want to do.
https://www.netgate.com/docs/pfsense/nat/forwarding-ports-with-pfsense.html
https://www.netgate.com/docs/pfsense/nat/port-forward-troubleshooting.html