I have a 1:1 NAT setup with an web server in the DMZ.  I have setup the WAN rules to allow 80/443 to the web server in the DMZ.  The web site is only visible from the outside what I have a rule on the DMZ interface allowing the web server traffic out.  As it pfSense is not making a statefull connection in both directions.  Any ideas?  I added a rule for the web server to communicate to ANY with ports 1024-65000 as a temporary fix.  But this then opens unwanted holes into the LAN side as well.

]]>https://forum.netgate.com/topic/24738/web-server-back-flow-rules-in-dmzRSS for NodeFri, 15 May 2026 10:32:35 GMTWed, 30 Jun 2010 23:41:24 GMT60for the destination on your DMZ interface rule, tick the 'not' box and select LAN subnet.

]]>https://forum.netgate.com/post/238417https://forum.netgate.com/post/238417Thu, 01 Jul 2010 06:07:01 GMTIt is enabled, but there is no domain yet as it is a test server at the moment.  How will the DNS forwarder help the situation?

]]>https://forum.netgate.com/post/238402https://forum.netgate.com/post/238402Wed, 30 Jun 2010 23:55:22 GMTuse the DNS forwarder for the domain.

]]>https://forum.netgate.com/post/238399https://forum.netgate.com/post/238399Wed, 30 Jun 2010 23:44:50 GMT