    3 NICS

      etillett last edited by

      Hi Everyone,

      I really would like to know if this is possible with pfsense.

      Problem:
      I have 3 NICs:
        rl0 = WAN 10.0.0.134
        nfe0 = LAN 192.168.2.1
        rl1 = OPT1 192.168.0.7

      On rl1 = OPT1 I have a switch, which is connected to a web server that hosts my school intranet, with the IP 192.168.0.4.

      What I need to do is to have hosts on nfe0 connect to the local web server. For example, users can type http://192.168.0.4 in their browser and then see the intranet web page.

      Is this possible?

      Please Help
      etillett

        clarknova last edited by

        That's possible. Your web server on 192.168.0.4 as well as the client machines on the LAN will have to know their correct gateway (unless you plan to run internal NAT), and you will have to create a firewall rule on the LAN interface allowing traffic to the web server.

        db

          etillett last edited by

          Thanks for the answer.

          Can you please give me further explanation? I'd appreciate it very much.

          thanks
          etillett

            clarknova last edited by

            If you are running the dhcp server on LAN and OPT1, then all your dhcp clients will get their gateway automatically. That takes care of the routing question.

            Then in the firewall, you need to make sure you have a pass rule on each interface to allow traffic to the other subnet, or at least to the hosts and ports that you will need access to. By default, there is a rule on the LAN that passes all traffic from the LAN subnet. You could make a new rule based on this rule (using the plus sign to the right of it), and change Interface:LAN to Interface:OPT1, and Source:LAN subnet to Source:OPT1 subnet.

            Save and apply changes. You should be good to go.

            db

              etillett last edited by

              Thanks for the prompt reply.
              But I'm still having problems.

              I didn't explain that hosts are accessing the internet through rl0 (WAN IP: 10.0.0.134 and gateway 10.0.0.2). I notice that when I try a tracert 192.168.0.4 from LAN, I get routed to 10.0.0.2 (gateway to the Internet).

              I can ping 192.168.0.7, which is my OPT1, which I know is working.

              I am trying to set up something like a DMZ.

              Thanks. Please help
              etillett

                clarknova last edited by

                Please attach a screenshot of your Status:Interfaces page.

                db

                  etillett last edited by

                  Here is the screenshot.

                  Thanks for your reply!


                    clarknova last edited by

                    Your subnet mask on OPT1 is wrong. It needs to be at most /29, probably /24, to be able to route to 192.168.0.4.

                    db
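
The routing behaviour discussed in this thread, as an added example that is not part of any post: a longest-prefix-match lookup over the three interfaces shows why a too-narrow OPT1 mask sends traffic for 192.168.0.4 to the WAN gateway 10.0.0.2, and it goes slightly further by checking whether both addresses are ordinary host addresses for a given prefix. Assumptions: the /24 masks on WAN and LAN and the /32 used as the "wrong" OPT1 mask are constructed values, since the screenshot is not on the page; `build_routes`, `lookup` and `both_usable` are hypothetical helper names.

```python
import ipaddress

# Addresses come from the thread. The /24 on WAN and LAN is an assumption
# (the thread does not state those masks).
FIREWALL_OPT1 = "192.168.0.7"
WEB_SERVER = "192.168.0.4"
DEFAULT_GW = ipaddress.ip_address("10.0.0.2")


def build_routes(opt1_prefix):
    """Connected routes for the three NICs plus the default route via WAN."""
    ifaces = {
        "rl0 (WAN)": "10.0.0.134/24",
        "nfe0 (LAN)": "192.168.2.1/24",
        "rl1 (OPT1)": f"{FIREWALL_OPT1}/{opt1_prefix}",
    }
    routes = [(ipaddress.ip_interface(cidr).network, name, None)
              for name, cidr in ifaces.items()]
    routes.append((ipaddress.ip_network("0.0.0.0/0"), "rl0 (WAN)", DEFAULT_GW))
    return routes


def lookup(dst, routes):
    """Longest-prefix match; a gateway of None means the destination is on-link."""
    dst = ipaddress.ip_address(dst)
    _, iface, gw = max((r for r in routes if dst in r[0]),
                       key=lambda r: r[0].prefixlen)
    return iface, gw


def both_usable(opt1_prefix):
    """True if firewall and server are both ordinary host addresses in the subnet."""
    net = ipaddress.ip_interface(f"{FIREWALL_OPT1}/{opt1_prefix}").network
    reserved = {net.network_address, net.broadcast_address}
    return all(ipaddress.ip_address(a) in net and ipaddress.ip_address(a) not in reserved
               for a in (FIREWALL_OPT1, WEB_SERVER))


if __name__ == "__main__":
    # /32 stands in for a too-narrow mask (constructed value, not from the thread).
    for prefix in (32, 30, 29, 28, 24):
        iface, gw = lookup(WEB_SERVER, build_routes(prefix))
        print(f"OPT1 /{prefix}: {WEB_SERVER} via {iface}, "
              f"next hop {gw or 'on-link'}, both usable hosts: {both_usable(prefix)}")
```

With the interface on 192.168.0.7, a /29 makes 192.168.0.4 on-link but puts the firewall's own address on the subnet's broadcast address; at /28 or shorter, such as /24, both addresses are ordinary hosts.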

                      etillett last edited by

                      Thanks I got it working!
