[Solved] DMZ in pfSense

Heli0s · Nov 9, 2013, 8:13 PM

I've set up a DMZ interface in pfSense and all the machines on that network are given a static IP (there's no DHCP) with the gateway of the interface IP (192.168.2.1) and the Google DNS servers (8.8.8.8/8.8.4.4).

I've following the following instructions to set up a DMZ in pfSense:

http://www.digitalphotomac.com/PFsense/DMZ/

The issue that I'm having is that I can ping the Google DNS servers, however, I can't ping anything else, even though when I run the ping command I can see that it looks up that IP (it just doesn't ping). I can ping the DMZ network from the LAN, but not vice-versa. I can't access any website either or even do apt-get update.

Have I set up the DMZ incorrectly?

stephenw10 · Nov 11, 2013, 8:14 AM

Did you add appropriate firewall rules?
Do you have outbound NAT set to automatic? If not did you add a NAT rule?

Steve

Heli0s · Nov 11, 2013, 3:20 PM

I figured it out. The issue was that even though I added the rules on the WAN side, since my traffic gets tunneled through an OpenVPN tunnel, I needed to add a rule on that interface as well.

Thanks for the reply!

stephenw10 · Nov 11, 2013, 5:30 PM

Hmm, ok.
Usually the only place you would need to add a rule would be on the new interface to get internet access from there.

Steve