Access from wan pfsense with nat
-
I have a proxmox server in which I have virtualized pfsense.
I try to be able to access the pfsense console from outside the network.
For it:
I use ufw firewall which will do nat from my network to the pfsense wan ip.
Edit before.rules file: ### NAT ### *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] -F # Port Forwardings -A PREROUTING -i vmbr0 -p tcp --dport 80 -j DNAT --to-destination 10.99.99.254 -A PREROUTING -i vmbr0 -p tcp --dport 443 -j DNAT --to-destination 10.99.99.254 # Forward traffic through eth0 - Change to match you out-interface -A POSTROUTING -s 10.99.99.0/24 -o vmbr0 -j MASQUERADE COMMIT ### EOF NAT ###We install pfsense and assign the wan bridge 10.99.99.254
When I try to access the pfsense interface from the server's public ip it doesn't work :(
What am I doing wrong ?Another option would be to hire a second public IP for my server and put this as the pfsense wan. But I would like to avoid this because of the cost involved...
-
Do you have rules on WAN in pfSense to allow that?
-
@stephenw10 said in Access from wan pfsense with nat:
Do you have rules on WAN in pfSense to allow that?
About pfsense I still don't have anything, it's just installed
According to the following documentation, it seems that it was not necessary to establish any previous configuration in pfsense
If not, I suppose that you should access pfsense from another machine hosted on the server.
If so, what rule should I apply in pfsense to allow nat from my network and be able to access pfsense from wan? -
pfSense will only allow access from the WAN side by default if there is only one interfaces assigned. As soon as you assign two of more interfaces all connections to WAN are blocked by default and you need to add WAN firewall rules to allow them.
