Protecting my public servers

    I have 14 public IP addresses which I would like to protect with pfSense. My pfSense has 3 interfaces: LAN, WAN, OPT1 (DMZ). I am having a mental block, so any help is appreciated.
    I would like my LAN to be able to access the public servers without going through the WAN.
    OPT1 -11.22.33.? - MASK - does this make sense?
    LAN 192.168.1.x MASK

    I need to be able to limit what is available to the outside, i.e. servers only provide web services or??? HTTP, SSH, HTTPS… but they can be fully accessible from the LAN, or I can open more ports from the LAN to the DMZ? I.e. have FTP available only from the LAN.


