Multi WAN, TO VM NAS with seperate Firewall
-
its not working. the vms can go out.
only project is reachable.here is the virtual-ip configuration
and the interface
Did i something wrong? Or should I ask my hoster, if any feature is missing?
-
Are you sure, the safeserver is responding to the access from the internet?
To investigate use the packet capture tool from the Diagnostic menu on pfSense.
Take a capture on LAN interface while trying to access the Safeserver from outside.
If you see nothing take a capture on OPT1 to check if the packets arrives pfSense. -
In OPT1 its showing the ping request
00:07:12.007358 IP 5.100.XXX.XXX > 144.76.93.234: ICMP echo request, id 6, seq 4, lengthbut there is nothing in lan
-
so i thing, something with the redirection is broke. (maybe the nat 1:1)?
-
You have not allowed ping on OPT1. Your rules only allow http and https. So you cannot see a ping on LAN, cause pfSense blocks it.
So either test with http or allow ping. -
now it should be allowedbut there is no difference. No incoming ping in LAN and no incoming https.
-
Strange. Yes, it should work.
What if you add a usual port forwarding rule to OPT1 instead of the 1:1 for that server?
-
nothing will pass.
no https response from the projectserver or the safeserver.
-
is there any other method to make a firewall.
it must not be efficient, it must only work.every vm must have its own rules and use its own public ip4 addresses.
-
@jochenmehlich said in Multi WAN, TO VM NAS with seperate Firewall:
nothing will pass.
no https response from the projectserver or the safeserver.
No idea. That is straight forward.
I'd drop that installation and start from scratch. -
i think thats the best method.
i will try it later - i have to sleep.could you explain me, what i have to do?
-
Just make a new installation of pfSense and configure it as you did before.
Sometimes anything go wrong and you cannot find any reason. -
same issue like the installation from yesterday. Projectserver is reachable, Safeserver not ...
-
Did you exchange external and internal IPs now deliberately?
Suspect saying to have no access to Saveserver as Saveserver was before 172.16.0.3 and now it's 172.16.0.2 (forwarded from 144.76.93.234).
-
@viragomann said in Multi WAN, TO VM NAS with seperate Firewall:
Did you exchange external and internal IPs now deliberately?
Suspect saying to have no access to Saveserver as Saveserver was before 172.16.0.3 and now it's 172.16.0.2 (forwarded from 144.76.93.234)yes it was deliberately, but it isnt working and i dont now why. im wondering, because the projectserver is always reachable.