pfSense as VPN+Firewall on hosted server
-
How would you configure pfSense in a situation like this:
I have a server hosted in a datacenter that is assigned a private IP range that the hosting center then maps with public IPs, for example like this:
        LAN IP        Public IP
VM 1    10.0.0.170    203.0.113.170
VM 2    10.0.0.171    203.0.113.171
VM 3    10.0.0.172    203.0.113.172
VM 4    10.0.0.173    203.0.113.173
pfSense should be installed on VM 1 and set up as a firewall and VPN server for the rest of the network, so that VM 2, VM 3 and VM 4 are publicly accessible only on port 80. All other ports should only be accessible when logging in via VPN.
How would I set this up using pfSense? Setting up firewall rules and setting up a VPN is easy enough, but how do I route all traffic through pfSense, and what do I assign as WAN and LAN interfaces?
-
@mkaltoft As I suppose your datacenter ISP that hands out the public IPs hasn't allocated you a public IP subnet/space that could be routed, just let him point all public IPs to the IP of the pfSense in VM1. Then use 1:1 NAT or port forwardings to map .171 public to .171 private.
-
@jegr said in pfSense as VPN+Firewall on hosted server:
@mkaltoft As I suppose your datacenter ISP that hands out the public IPs hasn't allocated you a public IP subnet/space that could be routed, just let him point all public IPs to the IP of the pfSense in VM1. Then use 1:1 NAT or port forwardings to map .171 public to .171 private.
That makes a lot of sense - thank you so much.