[SOLVED] How to access to server in DMZ
-
Now in WAN there is only the rule
Source ANY to Alias-Server in DMZ for Alias-Port (80 + 443)41/5000
I have left the other rules (in LAN and DMZ) unchanged, but yet I don't reach the Apache server in DMZ and ports 80 + 443 are closed from the Internet with this linkDo I need to add a Port Forward?
I already have a port forward for ports 80 + 443 on the pfSense WAN card.Forgive my inexperience, but it is the first time that I work with pfSense and I create rules in a firewall.
I read the online manual and a couple of PDFs that I found on the net, but as regards the configuration of pfSense to manage a server in the DMZ I have not found anything that can help me.If you can direct me to another reading, I am giving it to you
-
@WhiteTiger-IT Show us the Port Forward-rule and the WAN-rule and while you are at it, the rest again.
-
In pfSense there are no port forwarding rules, only the two automatically created in Outbound.
This is the WAN screenshot about rules.
This is the screenshot of the router
-
@WhiteTiger-IT In a normal setup, your router would forward those or any ports to the pfSense WAN-Interface and then you would need to port froward from there to your actual server. So you would need to portforward in pfSense too, doing double-NAT. But maybe your setup is different, but you haven't told us in your first post.
-
@Bob-Dig said in How to access to server in DMZ:
@WhiteTiger-IT In a normal setup, your router would forward those or any ports to the pfSense WAN-Interface and then you would need to port froward from there to your actual server. So you would need to portforward in pfSense too, doing double-NAT. But maybe your setup is different, but you haven't told us in your first post.
I am now starting to configure pfSense in my "personal laboratory" to learn how to use it.
The rules entered are those that I also viewed in previous posts. There are no other rules and these are used to access the server from my PC and to make updates.
These are rules that I took from the official help.
In DMZ there is an Apache with only the default page, to do the tests I think it is enough. -
@WhiteTiger-IT So you haven't changed any settings in pfSense (System - Advanced - Firewall & NAT), then pfSense is its own router and you have to do double-NAT, like I said.
-
@Bob-Dig said in How to access to server in DMZ:
So you haven't changed any settings in pfSense (System - Advanced - Firewall & NAT), then pfSense is its own router and you have to do double-NAT, like I said.
I have now created this NAT Port Forward rule.
Is this what you mean?
-
@WhiteTiger-IT More like this:
-
I changed the NAT rule and didn't use aliases.
But now using the URL http: // IP-Address I get the Tunnel Connection Failed error
-
Using a DDNS I get the error Connection Timed out
I don't find error in Syslog / Firewall -
Last week I contacted the ISP that manages the firewall; they told me that they were no problems and that is pfSense not to have the ports open.
How can I check if it is true?
I can only use tools on the Internet and this tells me that the doors are closed on the public address.
If from pfSense Diagnostic I ping from WAN on the server, it doesn't work, but maybe this is not enabled. -
AAARGHHHH!
DAMNED DHCP THAT CHANGED THE ADDRESS OF THE WAN CARD!Everything is working!
I apologize very much and thank you for your support and patience!
