Thanks. It works!
2013/1/3 Ryan Rodrigue <[email protected]>: >> Hi list, >> >> I need to "public" some ports of a server in a DMZ. >> So I create a VIP ( ip alias ) in WAN with the public ip that i must have >> for the server ( it is different from the ip of the wan interface of the >> pfsense ). >> Then I created a "Port Forward" : >> >> Inteface: Wan >> Source: Any >> Destination: VIP >> Destination port: 80 >> Redirect target ip: Private ip of the server in DMZ NAT reflection: Use >> system default Filter rule association: NAT Rule >> >> From the outside I can contact my server properly. >> >> The problem is that when my server goes out on the internet is viewed with >> the public ip of the firewall. >> What should I do to make sure that when the server goes outside uses the >> address specified in the VIP? >> >> Thanks for your help. >> > > Option 1: > Setup advanced outbound nat rule for internal server to use VIP. ( I have > never tried this, but it seems like it should work ) > > Option 2: > Don't use port forward. Use 1:1 NAT and use firewall rules to block > unwanted traffic ( I have tried this and it works great. ) > > > > Ryan Rodrigue > > > > > _______________________________________________ > List mailing list > [email protected] > http://lists.pfsense.org/mailman/listinfo/list -- -------------------------------------------------------- Cristian Del Carlo -------------------------------------------------------- _______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
