    Public IP's in DMZ

    • R
      rbailo last edited by

      Hello everyone,

      I am using ESXi 5.5 on the OVH network with pfSense 2.2. I have 5 IP blocks from them. The following is how I have set things up, using example IP addresses.

      Block 1 = 55.55.55.12/30
      Block 2 = 56.56.56.32/28
      Block 3 = 57.57.57.128/27
      Block 4 = 58.58.58.160/27

      I have tried to implement all blocks into one Bridged to WAN DMZ interface with each block having a virtual IP block attached to the WAN interface with no success.

      What I have now works to an extent, but I have issues with public access from the DMZ.

      What I have done is create 3 DMZ interfaces for blocks 2-4 and use block 1 for the WAN interface.

      • WAN = block 1

      • DMZ_56 = block 2

      • DMZ_57 = block 3

      • DMZ_58 = block 4

      I have added a virtual IP block attached to the WAN interface for each IP block.

      Block 2 = 56.56.56.32/28
      Block 3 = 57.57.57.128/27
      Block 4 = 58.58.58.160/27

      Issued the next IP address of each block to the IP's dedicated DMZ interface.

      • DMZ_56 = IP 56.56.56.33

      • DMZ_57 = IP 57.57.57.129

      • DMZ_58 = IP 58.58.58.161

      I have bridged all DMZ interfaces with the WAN interface.

      I now can connect to any machine within the DMZ remotely from my desktop.

      All my DMZ interfaces have the same rules set in the firewall and WAN rules are set appropriately.

      Now for my issue: interface DMZ_56 can access the internet and ping any outside address, but interfaces DMZ_57 and DMZ_58 cannot access the internet even though I can access the machines remotely.

      What am I doing wrong? I have even tried to open the firewall completely with no luck.

      Any help would be greatly appreciated.

      • R
        rbailo last edited by

        Can anyone give me a hand here? I'm lost and it's been days of me trying and I can't get access.

        • Derelict
          Derelict LAYER 8 Netgate last edited by

          Do you have a bunch of blocks on one interface (which would be less-than-optimal) or are blocks 2, 3 and 4 routed to an address on block 1?
