Russ Bennett wrote:
I probably am over thinking this...I tend to do that often.
Any how, I believe I am having success
1. I created the VIP with the /29 block I was given.
2. I created the 1:1 208.83.93.19/32 -> 10.0.1.14/32
3. I created the firewall rule
Proto Source Port Destination Port Gateway
TCP * * 10.0.1.14 80 *
4. In the logs, I get a green that says
@41 pass in log quick on bge1 inet proto tcp from any to 10.0.1.14
port=http keep state label "USER_Rule:Web Interface"
The above all sounds good. Since you're seeing the passes, 1-4 are all
setup properly and working as they should.
5. The web interface does not come up in the browser
I'm assuming it works using the private IP internally? At this point,
it's a server configuration issue. Most commonly, either the server has
the wrong default gateway (it must be pfSense's inside IP), or the
service isn't running, or its configuration restricts it from the
outside world.
The easiest thing at this point might be to run a packet capture on the
inside interface of your firewall to see what's really happening. Log
into SSH on pfSense and run the following:
tcpdump -i fxp0 src or dst 10.0.1.14
replacing fxp0 with your actual LAN interface.
Then try to access the site from outside, and see what it shows. Paste
the output here if you're not sure what it's telling you.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
