Need to resolve before hospital and rehab stay Thursday - remote access.
-
I'm heading for an unexpected but not major stay at hospital then rehab. I need to get additional LAN operational tonight. I have Verizon Fios. PFSense hardware router is in front of usual in-home verizon home router. All that works flawless. Diagram shows WAN connected to outside Verizon box. Diagram also shows igb1 successfully connected to and working flawless with Verizon internal black router which provides channels and wireless internet to family. My problem is igb2 "OPT1_ESXi". When this problem is resolved I'll be connecting an Ubuntu server to it. But right now when I connect my laptop direct to igb2 I am successfully given a local IP of 10.20.31.10. So DHCP is working in desired range of igb2. However I can't get out to the internet. So to diagnois the problem I first tried to ping the igb2 port at 10.20.31.1 at that failed. So I can obtain a DHCP IP address from igb2 but can't ping that IP. I also suspect once that problem is solved that I need to setup a rule to allow my laptop to get to the internet via the WAN interface and I'm not sure how to do that. Can someone look at the attachment (note: I printed all relevant screen shots) and help me providing specific suggestions for:
1. Get laptop assigned as 10.20.31.10 to ping the port at igb2 10.20.31.1
2. Allow same laptop to hit the internet so I can attach my server to it.
3. Please help with port forwarding for so if I go to my home IP and say port 22 I can ssh into my linux server.
4. How do I gain access to the admin page for pfsense from outside network in case need to make a change from rehab?Please know I have blacked out my IP address. I'll probably have verizon reset before I leave and I do have plenty of cyber security checks not shown.
Again the difficult part of my pfSense hardware (i.e. putting it in front of my home Verizon router and have it spoof Verizon is working fine.). Please help. I do expect to be up most of evening and night and will monitor.
Thank you. I have been learning and have implemented a lot using this pfSense router but unexpectedly need to complete this evening.
Pre.Hospital.Rehab.Mustdo4.pdf.zip -
Just noticed that the zip file was empty. I'm uploading now with all that is needed. If anyone can help solve any issue, such as being able to remote access pfsense admin, while I'm away, that would be most helpful because I can at least wire everything up and resolve remotely.
Here are attachements
-
On OPT1 firewall rules you re only allowing TCP. So ping (ICMP) and any UDP or other protocols will not work.
Make the firewall rules on OPT1 similar to on LAN - protocol any (all IP) and put source OPT1net (although source any will work also).3. The ordinary port forwarding tab will let you set up a port forward of some port on WAN to a particular IP and port inside OPT1. You will want to make sure the SSH server on the target system is secure. But I would:
4. For remote access for both q3 and q4 I would set up OpenVPN (you already have some screen shots of that) and use an OpenVPN client to connect in to pfSense. From that you will have a tunnel to give you access to both pfSense webGUI and the server on OPT1net.
-
Thank you. In my comparison of working LAN and OPT1_esxi I missed not allowing ICMP, etc. I was looking for differences and in my rush to get so much done I missed it. You noticed correctly the start of openVPN, definite doing that since only family members will be there. I need to remote access in case something needs 'fixing' while stuck a few miles away. Thanks for list, BIG help while I am running thru things fast.
-
Thank you for all those that helped. Everything solved and able to access securely while going thru some 'stuff'. Family reports no issues with their side.