DMZ to LAN - MySQL



  • Hello,
    First time poster here.

    I have pfSense installed on a box with 4 NICs.
    WAN: Public IP
    LAN: 10.0.1.xxx - DMZ
    Internal LAN: 10.0.2.xxx

    Now I have on the DMZ some virtual servers - Ubuntu 14.04 headless.
    My question is: how can I set up the firewall rules for the DMZ servers on LAN: 10.0.1.xxx to just reach into the Internal LAN: 10.0.2.xxx to access a server that is hosting a MySQL database?

    Still in the process of learning pfSense - it is an amazing piece of software.

    Thank you



  • I'm not sure I understand you.  Default firewall rules on LAN allow all access out.  DMZ by default has no rules allowing anything.  LAN has full access to DMZ and return traffic is allowed.  DMZ has no access to LAN or WAN until you add a rule.  Your LAN clients should have full access to your DMZ SQL servers by default.
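
Added example, not part of the thread: a small Python model of how pfSense evaluates rules on the interface where traffic enters (top to bottom, first match wins, implicit deny when nothing matches), applied to a DMZ rule order that lets DMZ hosts reach only the MySQL server. The /24 masks, the server address 10.0.2.10 and port 3306 are assumptions; the thread gives only 10.0.1.xxx and 10.0.2.xxx.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Assumed values (constructed, not from the thread).
DMZ_NET = ipaddress.ip_network("10.0.1.0/24")
LAN_NET = ipaddress.ip_network("10.0.2.0/24")
ANY = ipaddress.ip_network("0.0.0.0/0")
MYSQL_HOST = ipaddress.ip_network("10.0.2.10/32")  # placeholder server address
MYSQL_PORT = 3306                                   # MySQL default port


@dataclass(frozen=True)
class Rule:
    action: str                    # "pass" or "block"
    proto: str                     # "tcp", "udp" or "any"
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    dport: Optional[int] = None    # None matches any destination port

    def matches(self, proto, src, dst, dport):
        return (self.proto in ("any", proto)
                and ipaddress.ip_address(src) in self.src
                and ipaddress.ip_address(dst) in self.dst
                and self.dport in (None, dport))


# Rules as they would be ordered on the DMZ interface, top to bottom.
DMZ_RULES = [
    Rule("pass", "tcp", DMZ_NET, MYSQL_HOST, MYSQL_PORT),  # DMZ -> MySQL only
    Rule("block", "any", DMZ_NET, LAN_NET),                # nothing else into the LAN
    Rule("pass", "any", DMZ_NET, ANY),                     # optional: DMZ -> elsewhere
]


def evaluate(rules, proto, src, dst, dport):
    """Return the action of the first matching rule, or the implicit deny."""
    for rule in rules:
        if rule.matches(proto, src, dst, dport):
            return rule.action
    return "block"


if __name__ == "__main__":
    web = "10.0.1.20"  # constructed DMZ host
    for dst, port in [("10.0.2.10", 3306), ("10.0.2.10", 22), ("10.0.2.11", 3306)]:
        print(web, "->", dst, port, evaluate(DMZ_RULES, "tcp", web, dst, port))
```

Order matters here: if the block rule sat above the MySQL pass rule, the first match would drop the database traffic as well.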