HELP with Rules or Nat Please
-
Hello, I really could use some help here before I pull the rest of my hair out.
Scenario:
Wan DHCP - 10.2.2.157/24 - Cisco Router
Lan 10.0.0.1/24 - Management
Student Vlan 5 - 10.3.3.1/24 - Unifi Wireless AP
Faculty - Vlan 6 - 10.1.2.1/24 - Unifi Wireless AP
DMZ - 192.168.2.1 - Static
I have some servers that need to be connected via DMZ in my existing LAN 10.1.1.0/24 that need to be seen on the Faculty LAN 10.1.2.0/24 but not seen by the Student LAN 10.3.3.1/24 illustrated here.
I have tried everything: rules, NAT 1:1, port forward... nothing works. What am I doing wrong? In a nutshell, I want the Faculty VLAN to see server 10.1.1.1 connected to the DMZ interface.
Thanks for your advance help!!!!!
Can someone help please? I really need to get this working ASAP.
-
Don't post the same thing to multiple forums. Put it in general questions if you aren't sure where to put it. This is a firewalling question so I left this instance.
You just need to configure your firewall rules accordingly.
http://doc.pfsense.org/index.php/Firewall_Rule_Basics
-
So first off I would ask for more information. For starters, this doesn't make any sense:
DMZ - 192.168.2.1 - Static
In a nutshell, I want the Faculty VLAN to see server 10.1.1.1 connected to the DMZ interface.
So which is it - is the faculty VLAN 192.168.2.0/? Or is it on a 10.1.1.0/?
Also curious if you're going to want access from the WAN to anything behind pfSense - since your WAN is private, are you double NATting? Or have you disabled NAT on pfSense and are just using it as a router/firewall?
But if all you're talking about is LAN-side segments being able to talk or not talk to other LAN segments, it's simple firewall rules on those interfaces. If you are using NAT then port forwarding would come into play, along with WAN firewall rules; if no NAT, then just firewall rules on the WAN and LAN interfaces to allow the traffic you want.
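
An added example, not part of any post in this thread: a small Python model of how per-interface rules decide this case. pfSense filters traffic on the interface where it enters, the first matching rule wins, and anything unmatched is blocked. Treating 10.1.1.0/24 as the server network behind the DMZ interface is an assumption (the thread is unclear on this), and the rule lists are constructed for illustration.

```python
import ipaddress

# Addresses are taken from the thread where it gives them; treating 10.1.1.0/24
# as the server network behind the DMZ interface is an assumption.
SERVERS = "10.1.1.0/24"

# One rule list per interface; each rule is (action, source, destination).
RULES = {
    "FACULTY": [("pass", "10.1.2.0/24", SERVERS),
                ("pass", "10.1.2.0/24", "any")],
    "STUDENT": [("block", "10.3.3.0/24", SERVERS),  # must sit above the allow-any rule
                ("pass", "10.3.3.0/24", "any")],
    "DMZ": [],  # no rules: servers cannot open new connections to other segments
}

def net(spec):
    return ipaddress.ip_network("0.0.0.0/0" if spec == "any" else spec)

def evaluate(rules, iface, src, dst):
    """First matching rule on the ingress interface decides; no match means block."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for index, (action, s, d) in enumerate(rules.get(iface, [])):
        if src in net(s) and dst in net(d):
            return action, index
    return "block", None  # implicit default deny

def shadowed(rule_list):
    """Indexes of rules that can never match because an earlier rule covers them."""
    hits = []
    for j, (_, sj, dj) in enumerate(rule_list):
        if any(net(sj).subnet_of(net(si)) and net(dj).subnet_of(net(di))
               for _, si, di in rule_list[:j]):
            hits.append(j)
    return hits

# The same two Student rules in the wrong order: the block is never reached.
MISORDERED = {"STUDENT": list(reversed(RULES["STUDENT"]))}

if __name__ == "__main__":
    print(evaluate(RULES, "FACULTY", "10.1.2.50", "10.1.1.1"))
    print(evaluate(RULES, "STUDENT", "10.3.3.50", "10.1.1.1"))
    print(evaluate(MISORDERED, "STUDENT", "10.3.3.50", "10.1.1.1"))
    print(shadowed(MISORDERED["STUDENT"]))
```

The model ignores state tracking: on a stateful firewall, replies from the server to a Faculty client are allowed by the state the Faculty rule created, so the DMZ interface needs no rule for them.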