Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Newbie: PortForwarding with 02 router

    Scheduled Pinned Locked Moved NAT
    4 Posts 3 Posters 3.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      namviet
      last edited by

      I have a netwok with this folowing map. I want to build home server with a linux server using apache server. The linux machine is tested good with apache in my local network.

      ADSL –-> Router1 (CNET CNIG904S) --->  Router 2 (Pfsense 1.0.1) ---> Linux machine using apache (Port: 80)
                    WAN: 125.212.156.12              WAN: 192.168.0.4 (Static)        LAN IP: 192.168.2.9 with apache server (Port 80)
                    LAN IP: 192.168.0.1                LAN IP: 192.168.2.1
                    PortFW: 192.168.0.4 (80)        PortFW: 192.168.2.9 (80)
                    DDNS Service: xxx.dyndns.org    DDNS: xxx.dyndns.org

      On the router 2, I using NAT-Outbound and Firewall Rule-WAN, but it doesn't work. Please help me.

      1 Reply Last reply Reply Quote 0
      • W
        wyckedone
        last edited by

        Instead of port forwarding from the first router, set the pfSense IP (192.168.0.4) as a DMZ so that all traffic flows to it.  Then, set a NAT -> Port Forward rule to send all traffic for port 80 to the Linux server IP.  Make sure you leave the check mark for "Auto-add a firewall rule to permit traffic through this NAT rule".  Remove the NAT -> Outbound rule you created because it's not needed.

        Why do you have two routers to begin with?  Is the pfSense firewall the only device connected to the cnet or does it have a built-in switch you are using?  If the pfSense box is the only thing connected, I'd take it out of the loop and have:

        ADSL -> pfSense -> Network

        1 Reply Last reply Reply Quote 0
        • N
          namviet
          last edited by

          Dear wyckdone, thanks so much. I try with your process. I use 02 router because I want to have 02 networks with VLAN.

          1 Reply Last reply Reply Quote 0
          • I
            iLoVe.cF-
            last edited by

            use the cnet adsl router as a bridge ? ..

            I got a do not know, and its so hidden so i cant be cba to check it, but its set as bridge, so the pfsense get the wan adress directly. :)

            82.xxx.xxx.68                  82.xxx.xxx.68                192.168.1.0/24
            Adsl modem/router –--->  Pfsense  -------> Smc DT1024Ez------------> Wlan router as bridge
                                                      |                          24 Port switch-------> all other interfaces/comps/eq such as printers,computers, etc.
                                                      |---------------|
                                                    DMZ                  |
                                                  192.168.0.0/24      |--------Restricted User lan 192.168.1.0/24 with stronger rules than my normal lan
                                                  Cisco 800S                        Dlink managed 16 Port
                                                  4Port                                |
                                                  |                                    |
                                                  Windows server 2003---------

            Okey, i know u wont have to have so damn advanced, but here can ya see some bridging rules, im gonna change the 192.168.1.0/24 restricted user lan adress and rules though.

            Well, use bridging, its kinda fun ;D instead of having vlan and such damn annoying extra things that can cause extra issues with applications or port forwarding..

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.