2WAN+DMZ+LAN1+LAN2
-
Hi all. I came from zywall world and I am a bit confused in configuring pfsense.
This is my situation
WAN(11.11.11.11/28)   WAN2(OPT1: 22.22.22.22/30)
         |                 |
         -------- ----------
                | |
              PFSENSE-------------DMZ(OPT2: 33.33.33.33/24)
                | |
         -------- ----------
         |                 |
LAN(44.44.44.44/24)   LAN2(OPT3: 55.55.55.55/24)
I use pfSense 1.2-release in a PC having 5 NICs. I define a group of common ports as CP (i.e. http, ftp, smtp, etc.)
I want:
1. all public ip addresses of WAN mapped in private ip addresses in DMZ: I used 1:1 nat
2. everyone outside WAN could connect to CP ports in DMZ: I created forward rules in interface WAN from any to the DMZ subnet
3. The DMZ servers must answer to the previous connection via WAN: ? there is nothing to do ?
4. The DMZ servers must navigate and connect to CP ports in internet via WAN (i.e. connect to external http, smtp, pop3) ? there is nothing to do ?
5. LAN and LAN2 must navigate and connect to CP ports in internet via WAN2 (i.e. connect to external http, smtp, pop3) ? there is nothing to do ?
6. LAN and LAN2 must navigate and connect to CP ports in DMZ (i.e. connect to external http, smtp, pop3) ? there is nothing to do ?
Could someone give me some hints ?
Thanks to all.
Rodolfo -
there is nothing to do ?
Read & Search
http://doc.m0n0.ch/handbook/examples.html#id11622455
http://doc.pfsense.org/index.php/MultiWanVersion1.2
http://forum.pfsense.org/index.php/topic,7001.0.html -
Thank you very much for your response. After reading & trying I could post a more specific question.
First: in Firewall>Rules>DMZ, if I add a rule the rule is applied only to the packets coming in the DMZ interface (i.e. packets sent by DMZ hosts), correct ?
In this case I don't understand the "Interface" field inside the rule (the hint said: "Choose on which interface packets must come in to match this rule. ").
And second: the "Gateway" in the rule. This field means that if the packet satisfies the rule it is routed to this gateway overriding all other routing ?
thanks
-
First: in Firewall>Rules>DMZ, if I add a rule the rule is applied only to the packets coming in the DMZ interface (i.e. packets sent by DMZ hosts), correct ?
In this case I don't understand the "Interface" field inside the rule (the hint said: "Choose on which interface packets must come in to match this rule. ").
Which interface does this rule apply to, you could say
And second: the "Gateway" in the rule. This field means that if the packet satisfies the rule it is routed to this gateway overriding all other routing ?
*, opt1, opt2 etc. You could remember it as * belongs/is pfSense while everything else has nothing to do with pfSense and its routing.
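
Added example (not code from any poster in this thread, and not pfSense's own code): a small Python model of the two points discussed above, namely that a rule is checked only against packets entering on its interface, and that a rule's Gateway either leaves routing to pfSense (*) or forces the packet to a chosen gateway. The gateway name WAN2GW, the members of the CP port set, the destination address 203.0.113.5 and the simplified routing table are assumptions made for illustration.

```python
import ipaddress

# Constructed model of the thread's topology; addresses are the poster's placeholders.
DMZ_NET = ipaddress.ip_network("33.33.33.0/24")
CP = {21, 25, 80, 110}  # assumed members of the poster's "CP" common-ports group

# Rules live on one interface tab and are checked only against packets that
# ENTER pfSense on that interface. First match wins; no match means blocked.
# gateway "*" = use pfSense's own routing table; a name = force that gateway.
RULES = {
    "LAN": [
        {"dst": DMZ_NET, "ports": CP, "gateway": "*"},       # item 6: LAN -> DMZ
        {"dst": None,    "ports": CP, "gateway": "WAN2GW"},  # item 5: LAN -> internet
    ],
    "DMZ": [
        {"dst": None, "ports": CP, "gateway": "*"},          # item 4: DMZ -> internet
    ],
}

def route_table(dst):
    """Assumed system routing: DMZ is directly connected, default route is WAN."""
    return "DMZ (direct)" if dst in DMZ_NET else "WAN default gateway"

def evaluate(in_iface, dst_ip, dst_port, rules=RULES):
    """Return where a packet entering on in_iface is sent, or 'blocked'."""
    dst = ipaddress.ip_address(dst_ip)
    for rule in rules.get(in_iface, []):
        if rule["dst"] is not None and dst not in rule["dst"]:
            continue
        if dst_port not in rule["ports"]:
            continue
        # A named gateway overrides the routing table for this packet.
        return route_table(dst) if rule["gateway"] == "*" else rule["gateway"]
    return "blocked"  # nothing matched on this interface's tab

# Same LAN rules in the wrong order: the WAN2 rule now shadows the DMZ rule,
# so LAN traffic meant for the DMZ is pushed out to the WAN2 gateway instead.
MISORDERED = {"LAN": list(reversed(RULES["LAN"]))}

if __name__ == "__main__":
    print(evaluate("LAN", "33.33.33.10", 80))
    print(evaluate("LAN", "203.0.113.5", 80))
    print(evaluate("LAN", "33.33.33.10", 80, MISORDERED))
```

In this model LAN2 has no rules on its tab, so its traffic is blocked until rules like the LAN ones are added there.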