No internet access on DMZ machine
-
I've set up a DMZ as outlined in this guide: http://www.digitalphotomac.com/PFsense/DMZ/
My pfSense IP is on the LAN subnet and it serves as the Gateway and DNS server for the LAN.
LAN is on 192.168.1.1/24
DMZ is on 192.168.2.1/24I've set up a DHCP on the DMZ as well and gave the machine a static IP (similarly to how I did it on the LAN interface and it works great). The only difference is that I didn't add anything in the Gateway and DNS information in the DHCP server config.
Did I miss anything in the setup? I'm thinking that it's something to do with the fact that pfSense is on the LAN segment and I'm blocking all the traffic to it.
-
So setting up another segment be it for what your going to call your dmz, or what your going to run another segment on makes little difference.
I take it from "192.168.2.1/24" that is the IP address you gave the pfsense inteface in your "dmz" segment. If your handing out dhcp in, than that 192.168.2.1 would be the gateway, and quite possible it should be the dns as well.
You also need to allow that traffic you want on your "dmz" in the firewall.. By default when you add an opt interface no defaults rules are allowed like when you first setup pfsense and it creates the lan segment.
But your dmz has no need to talk to pfsense lan IP, it should be able to talk to its "dmz" interface IP thought for dns, gateway.
