Public ip behind Pfsense 2.0rc
-
Hi
Till now we have been using pfsense as a gateway server with NAT ,it works cool.But now we got a situation to add few public servers with static ip behind pfsense firewall.I know that NAT ,port forwarding will do the job.but we do not want that .i dont know how to proceed further.Please help me out.Same kind of questions was posted in earlier posts but people only talks about the alternative way and not answered for the question .So im afraid wether this is possible or not .Can some one help me with solution for this other than telling the alternate way ?Thanks
-Run
-
Its doable but it depends on your requirements.
-
Yes the standard way is to put the public IPs on the firewall and NAT/Port forward to DMZ hosts. This approach is taken as it is more secure and allows a single DHZ host to appear as several servers.
In your scenario the DMZ must be the public IP block and you simply add rules to route the traffic to the subnet.
I could give a more detailed answer but I've no idea if we are dealing with a contiguous block of IP addresses or some random IPs assigned by your ISP