Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Is DMZ supported in pfSense firewall?

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 4 Posters 4.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      Teo En Ming
      last edited by

      Can I use my OPT1 interface as my DMZ network?

      1 Reply Last reply Reply Quote 0
      • jahonixJ
        jahonix
        last edited by

        Sure, it all depends on the ruleset you apply to an interface (and your definition of a DMZ).
        Where do you see a problem?

        https://doc.pfsense.org/index.php/Example_basic_configuration#Example_setup_isolating_LAN_and_DMZ_but_each_with_unrestricted_Internet_access

        1 Reply Last reply Reply Quote 0
        • T
          Teo En Ming
          last edited by

          It looks like I can use my OPTIONAL 1 interface as my DMZ network.

          Reference Resources:

          1. pfSense: Configuring the DMZ

          Link: https://zacheryolinske.wordpress.com/2015/05/18/pfsense-configuring-the-dmz/

          2. pfSense Setup: Part Four (Setting up a DMZ)

          Link: http://pfsensesetup.com/pfsense-setup-part-four-setting-up-a-dmz/

          The question is: Do I still need to configure port forwarding rules to servers in the DMZ network?

          1 Reply Last reply Reply Quote 0
          • H
            hbauer
            last edited by

            @Teo:

            The question is: Do I still need to configure port forwarding rules to servers in the DMZ network?

            yes

            1 Reply Last reply Reply Quote 0
            • MikeV7896M
              MikeV7896
              last edited by

              If you want the servers in your DMZ to be accessible via IPv4, yes, you do.  If you have IPv6 available and you're happy with your DMZ devices being only accessible through IPv6 (assuming they support it), then there's no requirement that you create IPv4 port forwards.

              The S in IOT stands for Security

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.