allright-thats nearly what I guessed - but anyway this is new territory so I need some easy help with some examples step by step ...:
Example:How should my pfsense look like if my internal
webserver IP would be the
192.168.1.100/24 and the virtual public IP which I got from my ISP would be the
217.77.222.222/255.255.255.255 (
T-COM)
(I use one WAN and one LAN)
Step by Step .... :1. deleting all my NAT entries in the port forarding table ... pfsense like a newly installed one
without anything configured except the WAN for my ISP connection (PPPoe to T-COM)
2. Setting up Virtual IP address:
- does Proxy ARP, CARP and other mean?
- Does somebody maybe have some external links for a good German or English description?my ISP is German T-COM and I guess I have to chose proxy arp - so this is what I would type in:
Type Proxy ARP
Interface WAN
Type: single addres
Address: 217.77.222.222
Virtual IP Password -left blank-
VHID Group -left blank-
Advertising Frequency -left blank-
Description my first virtual IP
save & applay .... allright ...
3. create
1:1 nat's for the public IP
(you have to know that my
internal webservers address is 192.168.1.100/24 and the
public IP which I want to forward to the webserver is still the
217.77.222.222) ;-)
so I open the 1:1 option in my webinterface... and that's how I would type it in ...:
Interface WAN
External subnet 217.77.222.222/32
Internal subnet 192.168.1.100/24
Description my first forwarded IP
save & applay ^^ doesn't work ;-) need some help
(by the way .. I didn't change anythin in Outbound meanwhile ... the whole pfsense is configured by default ... hope that's allright ;-) ... )
... let's theoreticaly go on anyway ...
4. create firewallrules for the allowed traffic - that's how I would do it ... please tell me if I'm wrong with something or if anything looks weired ;-)
....so in the end I want to have an open Port 80 for my webserver which is reachable from outside if i type in the
IP 217.77.222.222 in my webbrowser ... I think you understand ;-)
Firewall: Rules --> WAN ---> + (to add a new rule)
Action Pass
Disabled left unticked
Interface WAN
Protocol TCP
Source checkbox is left unticket
Type Single host or alias
Address: 217.77.222.222
Source OS -left on "any"-
Destination not is left unticket
Type Single host or alias
Address: 192.168.1.100
Destination port range:
from 80
to: 80
Log: -left unticket-
Advanced Options -I didn't change anything there ...-
State Type -I didn't change anything there ...-
No XMLRPC Sync -left unticket-
Gateway default
Description: my first http portforwarding for virtual IP
Would I be ready for using it now or is something missed or wrong except the entries in 1:1 which I hope to get help from anybody of you... ;-) ?
And that should be my result if everything's running:
Webbrowser (typed in: 217.77.222.222:80)---------->(217.77.222.222)pfsense(192.168.1.1)------------->(192.168.1.100)WebServer
I hope I wrote it understandable ;-)
Thanks to everybody who is developing and making pfsense better and easier for everybody!!!!! respect!!
Leander
pfSense Forum
