4. Static IP NAT to LAN IP

Static IP NAT to LAN IP


  • Hi,

    We want to access our file server from anywhere (Cloud).

    We are using pfSense as Firewall & Router & DNS Server.

    Our ISP has given 2 sets of Static IP Range. The Ip ranges are as connected in our pfSense box.

    a. 203.xxx.xxx.154/31 - WAN IP
    b. 182.xxx.xxx.23/29 - OPT1 IP
    c. 192.168.1.1/24 - LAN IP

    Our File Server LAN IP is 192.168.1.254/24 & we want to access over internet via IP 182.xxx.xxx.28/29

    How to configure this in pfSense box?

    Please guide me.

    Thanks & Regards
    Lokesh Kamath

    0
    V
     1 Reply
  • V

    @slkamath said in Static IP NAT to LAN IP:

    Our ISP has given 2 sets of Static IP Range. The Ip ranges are as connected in our pfSense box.
    a. 203.xxx.xxx.154/31 - WAN IP
    b. 182.xxx.xxx.23/29 - OPT1 IP
    c. 192.168.1.1/24 - LAN IP

    Two IP ranges from only one provider on different interfaces??
    So you have splitted your line by a switch to go into two interfaces? That makes no sense at all.

    @slkamath said in Static IP NAT to LAN IP:

    We want to access our file server from anywhere (Cloud).

    Which protocol?
    I presume, you use a protocol with data encryption like https for accessing the file server.

    So you have to add a NAT port-forwarding rule for your external IP and to the files servers IP and port. To do that, you have to know the ports used by the file server.

    0

  • @viragomann Thank you.

    2 IP ranges from 1 provider - yes.

    Both IP's Gateway is configured in L2 Switch (this is provided by ISP).
    From L2 Switch it is connected to pfSense.

    I did the below step's (If I am wrong please guide me).

    In pfSense there are 2 NW ports WAN & LAN. 1 OPT1 Port.

    So I configured OPT1 as /29 Gateway IP. Added 1 IP in VIP's. I can Ping /29 Gateway. But not VIP's.

    I also did the NAT. External IP as VIP's IP & Internal (NAT IP as) /24 IP. Port as HTTPS. But I didn't get any response to this. Getting message as Problem Loading Page.

    Lokesh Kamath

    0
    C
     1 Reply

  • can someone guide me?
    Lokesh Kamath

    0
  • V

    It would be better to post some screenshots of your configuration here, so we can get what you really did.

    @slkamath said in Static IP NAT to LAN IP:

    Added 1 IP in VIP's.

    Which kind of VIPs?

    @slkamath said in Static IP NAT to LAN IP:

    I can Ping /29 Gateway. But not VIP's.

    From where?

    @slkamath said in Static IP NAT to LAN IP:

    I also did the NAT. External IP as VIP's IP & Internal (NAT IP as) /24 IP. Port as HTTPS.

    What??
    Post screenshots, so we can see.

    0
  • C

    Assuming your /29 IP address range gets routed to your 203.xxx.xxx.154 you should not have to add any virtual IPs.
    A NAT rule on the WAN interface should be enough.

    The problem is, that 182.xxx.xxx.28/29 is not within your allocated subnet.

    Your subnet is 182.xxx.xxx.16/29 so you can use 182.xxx.xxx.17 to 182.xxx.xxx.22.
    The 182.xxx.xxx.23 you configured on your OPT1 interface is your BROADCAST address.
    You can not use this address for your Interface if you want to have hosts connected to it for a DMZ using public IP addresses.

    Take a look at a subnet calculator. It can help you with configuring the right IP addresses.
    http://jodies.de/ipcalc?host=182.0.0.23&mask1=29&mask2=

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy