Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Two-tier Firewall setup

    Routing and Multi WAN
    1
    1
    656
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • W
      wush last edited by

      Hello,
      my god, i found the solution on my own now. It's totaly easy  :'(

      My problem was, that the internal-firewall changed the source-ip-address with the result that nothing worked.
      I had to change the Outbound NAT setting to  Manual Outbound NAT rule generation and delete the suspect rules

      Logs from the external-firewall
      befor:  pass Jun 20 21:02:49 TRASNFERNET 10.25.47.14:4119           208.123.73.68:80         TCP:S  (Source IP is the internal Firewall: Not good)
      after:  pass Jun 20 22:02:49 TRASNFERNET 192.168.10.2:52926            208.123.73.68:80         TCP:S  (Source IP is the CLIENT-IP: GOOD )

      ###Setup####

      –---------------------   
                                Internet
                          -----------------------
                                    |(/29er network)
                  ---------------------------------------
                  external firewall  (pfsense)
                  --------------------------------------
                                  | 10.25.47.15           
                                  |                                             
                                  |                                                     
                                  |                                                       
                                  |                                             
                                  |10.25.47.14                           
                  ---------------------------------------       
                  internal firewall (pfsense)                 
                  ---------------------------------------       
                      LAN:192.168.10.1                                     
                                |                                                         
                                |                                                           
                                |                                                           
                                |
                  Testclient: 192.168.10.2

      1 Reply Last reply Reply Quote 0
      • First post
        Last post