OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 16.7 Legacy Series »
  • Server setup behind a OPNsense firewall
« previous next »
  • Print
Pages: [1]

Author Topic: Server setup behind a OPNsense firewall  (Read 5598 times)

kdmiller45

  • Newbie
  • *
  • Posts: 11
  • Karma: 0
    • View Profile
Server setup behind a OPNsense firewall
« on: January 03, 2017, 01:24:40 am »
what does the network setup look like for servers behind the firewall to enable packet forwarding to a static IP
« Last Edit: January 03, 2017, 02:05:42 am by kdmiller45 »
Logged

deviantintegral

  • Newbie
  • *
  • Posts: 27
  • Karma: 1
    • View Profile
Re: Server setup behind a OPNsense firewall
« Reply #1 on: January 03, 2017, 02:06:48 am »
I just set up a port forward, though there were a few nuances to it.

For managing the IPs and addresses, assign a static IP to the server (I did a static DHCP assignment). Then, if you create an alias for it, you can easily change the IP later without having to update a bunch of firewall rules (love this!).

The destination needs to be set to WAN, and not the server you are forwarding to. It's the Redirect IP / Port rules you use for the server mapping. Also, there are settings for the Admin GUI that control the port it's listening on. You may need to move it if by "site" you mean a literal web server that you're forwarding to.
Logged

kdmiller45

  • Newbie
  • *
  • Posts: 11
  • Karma: 0
    • View Profile
Re: Server setup behind a OPNsense firewall
« Reply #2 on: January 03, 2017, 02:32:38 am »
I have my server properties setup for a static IP 192.168.1.120 I duplicated the DNS settings that are given to OPNsense

attached are my setup Aliases and Port forwarding
and the client still times out trying to connect to the web server
Logged

fabian

  • Hero Member
  • *****
  • Posts: 2768
  • Karma: 199
  • OPNsense Contributor (Language, VPN, Proxy, etc.)
    • View Profile
    • Personal Homepage
Re: Server setup behind a OPNsense firewall
« Reply #3 on: January 03, 2017, 01:03:17 pm »
There are some things I would look at:

* Is your client coming from WAN (otherwise the rule will not be triggered)
* Does your client reach the firewall (provider does NAT etc.)
Logged

kdmiller45

  • Newbie
  • *
  • Posts: 11
  • Karma: 0
    • View Profile
Re: Server setup behind a OPNsense firewall
« Reply #4 on: January 03, 2017, 01:46:38 pm »
My server is behind the OPNsense firewall (192.168.1.120), the client attempting to connect is a hotspot on my cell with WiFi turned off.

I can Ping the server from within the network (Behind firewall) but not outside,
as a note I had port forwarding setup on the router working fine, but something is configured wrong on OPNsense

All workstations/Server can browse the internet
« Last Edit: January 03, 2017, 02:26:48 pm by kdmiller45 »
Logged

bartjsmit

  • Hero Member
  • *****
  • Posts: 1543
  • Karma: 166
    • View Profile
Re: Server setup behind a OPNsense firewall
« Reply #5 on: January 03, 2017, 05:04:22 pm »
Ping requires a separate firewall rule. Does the web site work?
Logged

kdmiller45

  • Newbie
  • *
  • Posts: 11
  • Karma: 0
    • View Profile
Re: Server setup behind a OPNsense firewall
« Reply #6 on: January 03, 2017, 05:24:52 pm »
No it does not working at all
Prior to OPNsense It worked via Internet and by using IIS right click on domain, select browse and it opened up in IE.
Logged

bartjsmit

  • Hero Member
  • *****
  • Posts: 1543
  • Karma: 166
    • View Profile
Re: Server setup behind a OPNsense firewall
« Reply #7 on: January 04, 2017, 08:21:29 am »
If your website won't even respond on the internal network, you should fix that first. Is the Windows WWW publishing service running? Any events?
Logged

  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 16.7 Legacy Series »
  • Server setup behind a OPNsense firewall
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2