4. Port forward for both LAN and WAN in one rule

Port forward for both LAN and WAN in one rule

  • M

    Let's say the WAN IP of pfSense is 172.217.2.35 and the LAN IP of pfSense is 192.168.0.1
    I have two PCs behine pfSense:
    PC1's LAN IP: 192.168.0.100;
    PC2's LAN IP: 192.168.0.101;
    I have one more PC (PC3) outside the LAN whose IP is 52.84.122.57
    PC1 is running an SSH Server on port 22. I added an NAT rule like this:

    After applying the above-mentioned rule, I can access PC1 using the following command at PC3:
    ssh admin@172.217.2.35 -p 22
    However, this command wouldn't work on PC2. I think it is because both PC1 and PC2 are in the same LAN and thus the rule somehow doesn't apply.

    So I tried to create a second rule:

    Now both PC2 and PC3 work.

    But I think this setting is a little bit awkward. Would there be any possibility that I can combine these two rules into one? (as I remember Sophos' UTM allows users to apply one rule to both interfaces, but it appears that pfSense doesn't work this way and one rule can only apply to either WAN or LAN?)

    Thanks~

    0
  • G

    RTFM: https://doc.pfsense.org/index.php/Why_can't_I_access_forwarded_ports_on_my_WAN_IP_from_my_LAN/OPTx_networks

    0
  • M

    it works! Thanks anyway.

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy