On 2015-12-06 09:38, Jarno Elonen wrote:
Hi,

I'm trying to build a firewall, which NATs LAN-->WAN, and DMZ-->WAN, but
routes LAN-->DMZ.
The problem is, LAN-->DMZ currently only works if I add a NAT between them.

I've tried:
1) Adding "pass all to all" firewall rule to every interface
2) Adding an explicit "pass LAN to DMZ" firewall rule
2) Adding an outbound NAT rule with "Do not NAT" checked
3) Adding a gateway and a static route (no go; pfSense refuses "Destination
network" that matches one bound to an interface)

Is there perhaps some "enable routing between interfaces" checkbox or
something I've missed..?
Every relevant post I've found on this seems to claim that 1) and 2) should
work.

The system is a Watchguard XTM 530 with
    pfSense 2.2.5-RELEASE (amd64)
    built on Wed Nov 04 15:49:37 CST 2015
    FreeBSD 10.1-RELEASE-p24
Network for LAN is 192.168.0.0/16 and DMZ 10.0.0.0/24.

-Jarno
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Jarno

Do the devices on both the LAN and DMZ have a route to reach the other network? In this case that probably means a default route pointing at the respective pfSense interface.

Regards

Mike