Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    [Solved] DMZ in pfSense

    General pfSense Questions
    2
    4
    869
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • H
      Heli0s last edited by

      I've set up a DMZ interface in pfSense and all the machines on that network are given a static IP (there's no DHCP) with the gateway of the interface IP (192.168.2.1) and the Google DNS servers (8.8.8.8/8.8.4.4).

      I've following the following instructions to set up a DMZ in pfSense:

      http://www.digitalphotomac.com/PFsense/DMZ/

      The issue that I'm having is that I can ping the Google DNS servers, however, I can't ping anything else, even though when I run the ping command I can see that it looks up that IP (it just doesn't ping). I can ping the DMZ network from the LAN, but not vice-versa. I can't access any website either or even do apt-get update.

      Have I set up the DMZ incorrectly?

      1 Reply Last reply Reply Quote 0
      • stephenw10
        stephenw10 Netgate Administrator last edited by

        Did you add appropriate firewall rules?
        Do you have outbound NAT set to automatic? If not did you add a NAT rule?

        Steve

        1 Reply Last reply Reply Quote 0
        • H
          Heli0s last edited by

          I figured it out. The issue was that even though I added the rules on the WAN side, since my traffic gets tunneled through an OpenVPN tunnel, I needed to add a rule on that interface as well.

          Thanks for the reply!

          1 Reply Last reply Reply Quote 0
          • stephenw10
            stephenw10 Netgate Administrator last edited by

            Hmm, ok.
            Usually the only place you would need to add a rule would be on the new interface to get internet access from there.

            Steve

            1 Reply Last reply Reply Quote 0
            • First post
              Last post

            Products

            • Platform Overview
            • TNSR
            • pfSense
            • Appliances

            Services

            • Training
            • Professional Services

            Support

            • Subscription Plans
            • Contact Support
            • Product Lifecycle
            • Documentation

            News

            • Media Coverage
            • Press
            • Events

            Resources

            • Blog
            • FAQ
            • Find a Partner
            • Resource Library
            • Security Information

            Company

            • About Us
            • Careers
            • Partners
            • Contact Us
            • Legal
            Our Mission

            We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

            Subscribe to our Newsletter

            Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

            © 2021 Rubicon Communications, LLC | Privacy Policy