1. Home
  2. pfSense® Software
  3. NAT
  4. 3 NICS

3 NICS

  • E

    Hi Everyone,

    I really would like to know if this is possible with pfsense.

    Problem:
    I have 3 Nic
      rl0 = Wan 10.0.0.134
      nfe0=Lan 192.168.2.1
      rl1 = OPT1 192.168.0.7

    in the rl1=0pt1 I have a switch then connected to a web server which host my school  intranet having the ip 192.168.0.4

    What i Need to do is to have host on nfe0 connect to the local webserver. For example users can type in their browser http://192.168.0.4 then they can see the intranet web page.

    is this possible?

    Please Help
    etillett

    0
  • C

    That's possible. Your web server on 192.168.0.4 as well as the licent machines on the LAN will have to know their correct gateway (unless you plan to run internal NAT), and you will have to create a firewall rule on the LAN interface allowing traffic to the web server.

    0
  • E

    thank for the answer.

    Can you please give me futher explatnation? Appreciate very much

    thanks
    etillett

    0
  • C

    If you are running the dhcp server on LAN and OPT1, then all your dhcp clients will get their gateway automatically. That takes care of the routing question.

    Then in the firewall, you need to make sure you have a pass rule on each interface to allow traffic to the other subnet, or at least to the hosts and ports that you will need access to. By default, there is a rule on the LAN that passes all traffic from the LAN subnet. You could make a new rule based on this rule (using the plus sign to the right of it), and change Interface:LAN to Interface:OPT1, and Source:LAN subnet to Source:OPT1 subnet.

    Save and apply changes. You should be good to go.

    0
  • E

    Thanks for the promot replay.
    But I'm still having problems.

    I didn't explain that host are accessing the internet internet through the rl0-(WAN IP: 10.0.0.134 and gateway 10.0.0.2). I notice that when I try a tracert 192.168.0.4/ i get routed to 10.0.0.2(gateway to the Internet) from lan.

    I can ping 192.168.0.7 which is my OPt1 which i know is working.

    I am trying to set something like DMZ.

    Thanks. Please help
    etillett

    0
  • C

    Please attach a screenshot of your Status:Interfaces page.

    0
  • E

    Here is the screen shoot

    Thanks for your relply!


    0
  • C

    Your subnet mask on OPT1 is wrong. It needs to be at most /29, probably /24, to be able to route to 192.168.0.4.

    0
  • E

    Thanks I got it working!

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

© 2020 Rubicon Communications, LLC | Privacy Policy