...this is what you wind up with normally, until/unless you create a rule explicitly allowing the DMZ host to talk to the LAN, so yes, it's definitely possible. -Adam
On June 6, 2015 8:18:35 AM CDT, "Marc R. Meshurle Jr." <[email protected]> wrote: >Here's a question - I have a single IP with my ISP and want to take one >TCP port and send it to a DMZ for access from the public WAN and >internal LAN but the DMZ can't talk to the LAN, only the WAN port. Yes, >I know I can call my ISP and get another IP, but it is for limited use >and don't want to spend the extra cash for a limited use port value, >but the server needs to be in the DMZ. >Can I create a DMZ from a single IP on the WAN with a TCP Port being >sent to a DMZ? > >Thanks! > >Marc > > >_______________________________________________ >pfSense mailing list >https://lists.pfsense.org/mailman/listinfo/list >Support the project with Gold! https://pfsense.org/gold -- Sent from my Android device with K-9 Mail. Please excuse my brevity. _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
