Netgate SG-1000 microFirewall

Author Topic: NAT Specific Ports  (Read 933 times)

0 Members and 1 Guest are viewing this topic.

Offline liamdiaze

  • Newbie
  • *
  • Posts: 5
  • Karma: +0/-0
    • View Profile
NAT Specific Ports
« on: July 10, 2012, 11:04:15 am »
Hi, I'm new in pfsense. I need to allow the next specific ports from my LAN to the WAN interface: HTTP, HTTPS (I have configured squidguard), POP and SMTP. Any other port must be blocked. How can i do that? ???

Offline johnpoz

  • Hero Member
  • *****
  • Posts: 15785
  • Karma: +1504/-211
  • Not a pfSense employee, they cannot fire me...
    • View Profile
Re: NAT Specific Ports
« Reply #1 on: July 10, 2012, 11:20:06 am »
That would not really be nat, other than the normal nat from your private to your public on your wan.

Are you setup for explicit proxy - ie your browser pointing to the proxy or just transparent.  Which intercepts http/https normally.

Normally if you just want to allow access to specific ports outbound, you would do that on the lan rules.  Be default the rules are setup to allow anything from lan segment to go to any port outbound.

You create specific rules to allow http, https, pop, smtp, etc.  And then create a block rule after those that blocks anything else.
- An intelligent man is sometimes forced to be drunk to spend time with his fools.
- Please don't PM me for personal help
- if you want to say thanks applaud or
1x SG-2440 2.4.3-RELEASE (work)
1x SG-3100 2.4.3-RELEASE (work)
1x SG-4860 2.4.3-RELEASE (home)