3 NICS
-
Hi Everyone,
I really would like to know if this is possible with pfsense.
Problem:
I have 3 Nic
rl0 = Wan 10.0.0.134
nfe0=Lan 192.168.2.1
rl1 = OPT1 192.168.0.7in the rl1=0pt1 I have a switch then connected to a web server which host my school intranet having the ip 192.168.0.4
What i Need to do is to have host on nfe0 connect to the local webserver. For example users can type in their browser http://192.168.0.4 then they can see the intranet web page.
is this possible?
Please Help
etillett -
That's possible. Your web server on 192.168.0.4 as well as the licent machines on the LAN will have to know their correct gateway (unless you plan to run internal NAT), and you will have to create a firewall rule on the LAN interface allowing traffic to the web server.
-
thank for the answer.
Can you please give me futher explatnation? Appreciate very much
thanks
etillett -
If you are running the dhcp server on LAN and OPT1, then all your dhcp clients will get their gateway automatically. That takes care of the routing question.
Then in the firewall, you need to make sure you have a pass rule on each interface to allow traffic to the other subnet, or at least to the hosts and ports that you will need access to. By default, there is a rule on the LAN that passes all traffic from the LAN subnet. You could make a new rule based on this rule (using the plus sign to the right of it), and change Interface:LAN to Interface:OPT1, and Source:LAN subnet to Source:OPT1 subnet.
Save and apply changes. You should be good to go.
-
Thanks for the promot replay.
But I'm still having problems.I didn't explain that host are accessing the internet internet through the rl0-(WAN IP: 10.0.0.134 and gateway 10.0.0.2). I notice that when I try a tracert 192.168.0.4/ i get routed to 10.0.0.2(gateway to the Internet) from lan.
I can ping 192.168.0.7 which is my OPt1 which i know is working.
I am trying to set something like DMZ.
Thanks. Please help
etillett -
Please attach a screenshot of your Status:Interfaces page.
-
Here is the screen shoot
Thanks for your relply!
-
Your subnet mask on OPT1 is wrong. It needs to be at most /29, probably /24, to be able to route to 192.168.0.4.
-
Thanks I got it working!