4. [Solved] DMZ in pfSense

[Solved] DMZ in pfSense

  • H

    I've set up a DMZ interface in pfSense and all the machines on that network are given a static IP (there's no DHCP) with the gateway of the interface IP (192.168.2.1) and the Google DNS servers (8.8.8.8/8.8.4.4).

    I've following the following instructions to set up a DMZ in pfSense:

    http://www.digitalphotomac.com/PFsense/DMZ/

    The issue that I'm having is that I can ping the Google DNS servers, however, I can't ping anything else, even though when I run the ping command I can see that it looks up that IP (it just doesn't ping). I can ping the DMZ network from the LAN, but not vice-versa. I can't access any website either or even do apt-get update.

    Have I set up the DMZ incorrectly?

    0
  • Netgate Administrator

    Did you add appropriate firewall rules?
    Do you have outbound NAT set to automatic? If not did you add a NAT rule?

    Steve

    0
  • H

    I figured it out. The issue was that even though I added the rules on the WAN side, since my traffic gets tunneled through an OpenVPN tunnel, I needed to add a rule on that interface as well.

    Thanks for the reply!

    0
  • Netgate Administrator

    Hmm, ok.
    Usually the only place you would need to add a rule would be on the new interface to get internet access from there.

    Steve

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy