[email protected] wrote:
Hi,

I have this configuration:

WAN  ---> 1.2.3.0/26 |                | ---> DMZ 192.168.1.0/24
                     | pfsense V1.2.2 |
WAN2 ---> 3.2.1.0/25 |                | ---> LAN 10.1.1.0/24

I have to be able to connect from the LAN to the DMZ through the public IP. I could convince my boss to migrate from an old box with Linux, Iptables, Squid and Squidguard to pfsense. I have promised him that we can keep the same configuration, but easier to maintain and to work with pfsense.

Now I find out that if I'm using NAT 1:1, I cannot do it. Most of the recommendations that I have read say that I have to override the DNS results or set up a different DNS for internal users of the LAN with the internal IPs. The problem here is that we have 200 domains running on the DMZ; I cannot manage 2 different DNSs manually or override all the hosts.

Did someone already have this problem and find the way to solve it?
Create port forwards for the webhost over the 1:1 NAT IP address and enable NAT reflection.
That works. At least it does in 1.2.3. That is the way I currently use 1.2.3 here with 1:1 to my DMZ server.
Not sure atm what the situation in 2.0 is; I believe we use different code there.
Regards,
Seth
