4. Port forward for both LAN and WAN in one rule

Port forward for both LAN and WAN in one rule

  • M

    Let's say the WAN IP of pfSense is 172.217.2.35 and the LAN IP of pfSense is 192.168.0.1
    I have two PCs behine pfSense:
    PC1's LAN IP: 192.168.0.100;
    PC2's LAN IP: 192.168.0.101;
    I have one more PC (PC3) outside the LAN whose IP is 52.84.122.57
    PC1 is running an SSH Server on port 22. I added an NAT rule like this:

    After applying the above-mentioned rule, I can access PC1 using the following command at PC3:
    ssh admin@172.217.2.35 -p 22
    However, this command wouldn't work on PC2. I think it is because both PC1 and PC2 are in the same LAN and thus the rule somehow doesn't apply.

    So I tried to create a second rule:

    Now both PC2 and PC3 work.

    But I think this setting is a little bit awkward. Would there be any possibility that I can combine these two rules into one? (as I remember Sophos' UTM allows users to apply one rule to both interfaces, but it appears that pfSense doesn't work this way and one rule can only apply to either WAN or LAN?)

    Thanks~

    0
  • Banned

    RTFM: https://doc.pfsense.org/index.php/Why_can't_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

    0
  • M

    it works! Thanks anyway.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy