Newbie: PortForwarding with 02 router
-
I have a netwok with this folowing map. I want to build home server with a linux server using apache server. The linux machine is tested good with apache in my local network.
ADSL –-> Router1 (CNET CNIG904S) ---> Router 2 (Pfsense 1.0.1) ---> Linux machine using apache (Port: 80)
WAN: 125.212.156.12 WAN: 192.168.0.4 (Static) LAN IP: 192.168.2.9 with apache server (Port 80)
LAN IP: 192.168.0.1 LAN IP: 192.168.2.1
PortFW: 192.168.0.4 (80) PortFW: 192.168.2.9 (80)
DDNS Service: xxx.dyndns.org DDNS: xxx.dyndns.orgOn the router 2, I using NAT-Outbound and Firewall Rule-WAN, but it doesn't work. Please help me.
-
Instead of port forwarding from the first router, set the pfSense IP (192.168.0.4) as a DMZ so that all traffic flows to it. Then, set a NAT -> Port Forward rule to send all traffic for port 80 to the Linux server IP. Make sure you leave the check mark for "Auto-add a firewall rule to permit traffic through this NAT rule". Remove the NAT -> Outbound rule you created because it's not needed.
Why do you have two routers to begin with? Is the pfSense firewall the only device connected to the cnet or does it have a built-in switch you are using? If the pfSense box is the only thing connected, I'd take it out of the loop and have:
ADSL -> pfSense -> Network
-
Dear wyckdone, thanks so much. I try with your process. I use 02 router because I want to have 02 networks with VLAN.
-
use the cnet adsl router as a bridge ? ..
I got a do not know, and its so hidden so i cant be cba to check it, but its set as bridge, so the pfsense get the wan adress directly. :)
82.xxx.xxx.68 82.xxx.xxx.68 192.168.1.0/24
Adsl modem/router –---> Pfsense -------> Smc DT1024Ez------------> Wlan router as bridge
| 24 Port switch-------> all other interfaces/comps/eq such as printers,computers, etc.
|---------------|
DMZ |
192.168.0.0/24 |--------Restricted User lan 192.168.1.0/24 with stronger rules than my normal lan
Cisco 800S Dlink managed 16 Port
4Port |
| |
Windows server 2003---------Okey, i know u wont have to have so damn advanced, but here can ya see some bridging rules, im gonna change the 192.168.1.0/24 restricted user lan adress and rules though.
Well, use bridging, its kinda fun ;D instead of having vlan and such damn annoying extra things that can cause extra issues with applications or port forwarding..