Nat setup with DMZ
-
At my work I have a class c subnetted address block 255.255.255.248 which has 5 host addresses. I have pfsense set up with 3 interfaces, one wan, one wan, and one opt1. The wan is x.x.187.202 which is the second address in my range. this uses standard PAT to server the lan machines at 192.168.1.x I want to have my web server on a seperate lan network, say 192.168.5.x and under the dmz interface. I set up 1:1 nat with x.x.187.202/32 as the external subnet and 192.168.5.10/32 as the internal subnet. As it stands now I can ping 192.168.5.1 and 192.168.1.1 from the server so I know i have connectivity across the lan, but I cannot access the internet from the server. I have also tried advanced outbound nat but that does not seem to help. I am sure there is a simple solution to this but what am I missing? Thanks.
-
Not an expert on this particular setup, but I think you want the actual subnet on the inside. e.g. 192.168.5.0/24?