Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Nat setup with DMZ

    NAT
    2
    2
    1.7k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kcarsey
      last edited by

      At my work I have a class c subnetted address block 255.255.255.248 which has 5 host addresses.  I have pfsense set up with 3 interfaces, one wan, one wan, and one opt1.  The wan is x.x.187.202 which is the second address in my range.  this uses standard PAT to server the lan machines at 192.168.1.x    I want to have my web server on a seperate lan network, say 192.168.5.x and under the dmz interface.  I set up 1:1 nat with x.x.187.202/32 as the external subnet and 192.168.5.10/32 as the internal subnet.  As it stands now I can ping 192.168.5.1 and 192.168.1.1 from the server so I know i have connectivity across the lan, but I cannot access the internet from the server.  I have also tried advanced outbound nat but that does not seem to help.  I am sure there is a simple solution to this but what am I missing?  Thanks.

      1 Reply Last reply Reply Quote 0
      • D
        danswartz
        last edited by

        Not an expert on this particular setup, but I think you want the actual subnet on the inside.  e.g. 192.168.5.0/24?

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.