
    Rules help with no internet access

    • M
      Mr.Fw last edited by

      Hello,

      I have a pfSense firewall with 4 NICs.
      I tried to set some basic rules for one of the networks,
      functioning as a Web servers DMZ.

      I did manage to connect with the DNS server that's located in my ISP (WAN).

      The problem is I couldn't get any internet access…

      I've attached a picture of the rule table for that interface.

      Please Advise Me  ???

      P.S. for the attached picture:
      "Mailer" is a mail server located inside the IIS_DMZ network.
      "Databaser" is a SQL server located outside this network (connection working).
      "ExternalDMZ" is 2 DNS servers that belong to my ISP.

      Thanks!

      • D
        danswartz last edited by

        What does 'no internet access' mean?  No web access?  If so, the rule for that is wrong, I think - it is referencing the WAN address, shouldn't it be '*'?

        • M
          Mr.Fw last edited by

          Yep - no web access…

          The "web access rule" I've tried to achieve is from inside the network to any WAN address.

          Have I done it wrong?

          • D
            danswartz last edited by

            Like I said, I think the destination needs to be '*' (any address.)

            • M
              Mr.Fw last edited by

              Thanks for the help! :)

              If I do that like you said, wouldn't it be able to connect with other networks besides WAN as well?

              • D
                danswartz last edited by

                I wasn't aware that was your issue.  If it is, put other rules in that block it from going to LAN or wherever and put those before the rule that allows http anywhere else.

                • M
                  Mr.Fw last edited by

                  Thank you!

                  You've been very helpful :D

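The rule ordering discussed in this thread, as an added example that is not part of the original posts and not pfSense code: a simplified model of interface rules evaluated top down, where the first match wins and unmatched traffic is blocked. All addresses and rule-set names are constructed assumptions, and source and protocol matching are left out.

```python
import ipaddress

# Constructed addressing (assumptions, not values from the thread).
WAN_ADDRESS = "203.0.113.2/32"   # the firewall's own WAN IP ("WAN address")
INTERNAL_NETS = ["192.168.1.0/24", "10.10.20.0/24"]  # LAN and another segment
ANY = "0.0.0.0/0"                # destination '*'


def rule(action, dst, port=None):
    """One rule on the DMZ interface; port=None means any port."""
    return {"action": action, "dst": ipaddress.ip_network(dst), "port": port}


def evaluate(rules, dst_ip, dst_port):
    """Return the action of the first matching rule, or the default deny."""
    ip = ipaddress.ip_address(dst_ip)
    for r in rules:
        if ip in r["dst"] and r["port"] in (None, dst_port):
            return r["action"]
    return "block"


# Destination set to the WAN address: matches only the firewall's own IP.
wan_address_only = [rule("pass", WAN_ADDRESS, 80)]

# Destination '*' alone: web works, but internal networks are reachable too.
any_only = [rule("pass", ANY, 80)]

# Block rules for internal networks placed before the pass-to-any rule.
blocks_then_any = [rule("block", n) for n in INTERNAL_NETS] + [rule("pass", ANY, 80)]

# Same rules in the wrong order: the pass rule matches first, blocks never fire.
any_then_blocks = [rule("pass", ANY, 80)] + [rule("block", n) for n in INTERNAL_NETS]


def summarize(rules):
    """Outcome for an HTTP request to a public host and to a LAN host."""
    return {
        "internet_web": evaluate(rules, "198.51.100.7", 80),
        "lan_web": evaluate(rules, "192.168.1.10", 80),
    }


if __name__ == "__main__":
    for name in ("wan_address_only", "any_only", "blocks_then_any", "any_then_blocks"):
        print(f"{name:18} {summarize(globals()[name])}")
```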