Passthru WAN from PFsense to Other Firewall/Router
-
Hi all.
I am a newbie in configuring PFsense. Please bear with me. I have a simple question regarding connecting a Watchguard XTM Firebox to a PFsense appliance (and vice versa).
Assume that I have this config:
PFsense:
em0 WAN : ..123.5 (Public IP)
em1 LAN : 172.16.10.1/16
em2 LAN : 192.168.100.1/24 (Connected to XTM Firebox)
PFsense gateways:
Public IP
172.16.0.1 /16 (LAN Gateway)
192.168.100.2 /24 (XTM Firebox Eth#2)
Watchguard XTM Firebox:
Eth#1 WAN : Public Static IP
Eth#2 LAN : 192.168.0.1/24
Eth#3 LAN : 192.168.100.4/24 (Connected to PFsense em2)
My question is: how can I passthru my PFsense WAN public IP (..132.5) to the Watchguard Firebox as an external interface?
Our XTM Firebox is used as a VPN server. Since we need additional security, we would like to use the PFsense firewall as an external router before entering our VPN (XTM Firebox).
Here is the diagram:
MODEM/ISP -> PFSENSE FIREWALL -> WATCHGUARD (VPN HOST) -> INTERNAL SERVERS
Thank you so much.
-
You can just port forward the public IP to it for the required VPN ports. Or use 1:1 NAT for all ports. You could easily end up with some asymmetric routing though if the Firebox doesn't handle it correctly.
Do you actually need a /16 on that LAN interface?
Do you actually need those LAN side gateways defined in pfSense?
They would only be required so that pfSense can access 192.168.0.0/24 for example.
Steve