• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

[SOLVED] How to access to server in DMZ

Firewalling
4
19
4.6k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • W
    WhiteTiger-IT
    last edited by Jul 19, 2020, 9:57 AM

    In pfSense there are no port forwarding rules, only the two automatically created in Outbound.
    This is the WAN screenshot about rules.
    alt text

    This is the screenshot of the router
    alt textt

    B 1 Reply Last reply Jul 19, 2020, 10:01 AM Reply Quote 0
    • B
      Bob.Dig LAYER 8 @WhiteTiger-IT
      last edited by Bob.Dig Jul 19, 2020, 10:04 AM Jul 19, 2020, 10:01 AM

      @WhiteTiger-IT In a normal setup, your router would forward those or any ports to the pfSense WAN-Interface and then you would need to port froward from there to your actual server. So you would need to portforward in pfSense too, doing double-NAT. But maybe your setup is different, but you haven't told us in your first post.

      W 1 Reply Last reply Jul 19, 2020, 10:08 AM Reply Quote 0
      • W
        WhiteTiger-IT @Bob.Dig
        last edited by Jul 19, 2020, 10:08 AM

        @Bob-Dig said in How to access to server in DMZ:

        @WhiteTiger-IT In a normal setup, your router would forward those or any ports to the pfSense WAN-Interface and then you would need to port froward from there to your actual server. So you would need to portforward in pfSense too, doing double-NAT. But maybe your setup is different, but you haven't told us in your first post.

        I am now starting to configure pfSense in my "personal laboratory" to learn how to use it.
        The rules entered are those that I also viewed in previous posts. There are no other rules and these are used to access the server from my PC and to make updates.
        These are rules that I took from the official help.
        In DMZ there is an Apache with only the default page, to do the tests I think it is enough.

        B 1 Reply Last reply Jul 19, 2020, 10:11 AM Reply Quote 0
        • B
          Bob.Dig LAYER 8 @WhiteTiger-IT
          last edited by Bob.Dig Jul 19, 2020, 10:12 AM Jul 19, 2020, 10:11 AM

          @WhiteTiger-IT So you haven't changed any settings in pfSense (System - Advanced - Firewall & NAT), then pfSense is its own router and you have to do double-NAT, like I said.

          W 1 Reply Last reply Jul 19, 2020, 10:15 AM Reply Quote 0
          • W
            WhiteTiger-IT @Bob.Dig
            last edited by Jul 19, 2020, 10:15 AM

            @Bob-Dig said in How to access to server in DMZ:

            So you haven't changed any settings in pfSense (System - Advanced - Firewall & NAT), then pfSense is its own router and you have to do double-NAT, like I said.

            I have now created this NAT Port Forward rule.
            Is this what you mean?
            alt text

            B 1 Reply Last reply Jul 19, 2020, 10:17 AM Reply Quote 0
            • B
              Bob.Dig LAYER 8 @WhiteTiger-IT
              last edited by Jul 19, 2020, 10:17 AM

              @WhiteTiger-IT More like this:
              login-to-view

              1 Reply Last reply Reply Quote 0
              • W
                WhiteTiger-IT
                last edited by Jul 19, 2020, 10:28 AM

                I changed the NAT rule and didn't use aliases.
                But now using the URL http: // IP-Address I get the Tunnel Connection Failed error

                alt text

                1 Reply Last reply Reply Quote 0
                • W
                  WhiteTiger-IT
                  last edited by WhiteTiger-IT Jul 19, 2020, 10:33 AM Jul 19, 2020, 10:32 AM

                  Using a DDNS I get the error Connection Timed out
                  I don't find error in Syslog / Firewall

                  1 Reply Last reply Reply Quote 0
                  • W
                    WhiteTiger-IT
                    last edited by Jul 19, 2020, 10:40 AM

                    Last week I contacted the ISP that manages the firewall; they told me that they were no problems and that is pfSense not to have the ports open.
                    How can I check if it is true?
                    I can only use tools on the Internet and this tells me that the doors are closed on the public address.
                    If from pfSense Diagnostic I ping from WAN on the server, it doesn't work, but maybe this is not enabled.

                    1 Reply Last reply Reply Quote 0
                    • W
                      WhiteTiger-IT
                      last edited by Jul 19, 2020, 10:48 AM

                      AAARGHHHH!
                      DAMNED DHCP THAT CHANGED THE ADDRESS OF THE WAN CARD!

                      Everything is working!
                      I apologize very much and thank you for your support and patience!

                      1 Reply Last reply Reply Quote 0
                      19 out of 19
                      • First post
                        19/19
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.