Barrier Reef Setup and NAT



  • Ok, this is my first post and I will explain, what is going on as simply as I can.
    We have a so called "barrier-reef" firewall situation.

    One FW sits in front of our DMZ and is connected to its own DSL Modem.
    Behind the DMZ there is the pfsense FW connected to it are 2 Interfaces, one the internal workstations and the other one with our internal servers, plus one WAN connection.

    As one of our internal servers is a Notes machine, people want to connect to it via Web Interface on Port 443.

    DNS says, notes.company.net > 195.122.123.124 (public IP), which is the pfsense interface of the DMZ and which is allowed in the first FW.

    I now need to be able to serv port 443 from 192.168.16.166 which is the internal IP of the notes machine to people coming in from the DMZ.

    I am sure i need to do some outbound NATting, but I can't just figure this out.

    I give you the setup again:

    WAN
                                              |
    WAN >> FW >> DMZ >> FW  –- workstations
                                              |  --- internal servers

    Help is really appreciated...
    ???



  • Hope this helps: http://forum.pfsense.org/index.php/topic,7001.0.html

    And there are several posts asking the same in this this NAT forum.


Log in to reply