Netgate Discussion Forum

    Barrier Reef Setup and NAT

      jensdanne

      OK, this is my first post and I will explain what is going on as simply as I can.
      We have a so-called "barrier-reef" firewall situation.

      One FW sits in front of our DMZ and is connected to its own DSL Modem.
      Behind the DMZ there is the pfSense FW. Connected to it are 2 interfaces, one with the internal workstations and the other one with our internal servers, plus one WAN connection.

      As one of our internal servers is a Notes machine, people want to connect to it via the web interface on port 443.

      DNS says notes.company.net > 195.122.123.124 (public IP), which is the pfSense interface of the DMZ and which is allowed in the first FW.

      I now need to be able to serve port 443 from 192.168.16.166, which is the internal IP of the Notes machine, to people coming in from the DMZ.

      I am sure I need to do some outbound NATting, but I just can't figure this out.

      I give you the setup again:

                          WAN
                          |
      WAN >> FW >> DMZ >> FW --- workstations
                          |  --- internal servers

      Help is really appreciated...
      ???

        nocer

        Hope this helps: http://forum.pfsense.org/index.php/topic,7001.0.html

        And there are several posts asking the same in this NAT forum.

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.