Router only, no NAT, where do we put rules to open ports?
-
Hello,
We have a /30 on the WAN interface and a /26 on the LAN (public IPs). NAT is turned off. We have web and other services hosted on the machines using the /28. Do we simply open ports using firewall rules? We have tried this by making rules on both the WAN and LAN sides, but no luck. Can anyone point me in the right direction? Not finding the answer through search.
Thanks!
-
Rules go on the interface the connections arrive on/into. For a web server, that is usually WAN.
On WAN:
Pass TCP source any dest web-server-ip port 80
Pass TCP source any dest web-server-ip port 443https://doc.pfsense.org/index.php/Firewall_Rule_Processing_Order
https://doc.pfsense.org/index.php/Firewall_Rule_Troubleshooting