OPNsense Forum

English Forums => Tutorials and FAQs => Topic started by: Tony200 on February 21, 2022, 09:38:32 pm

Title: Question about mutiple port alias and firewall rules
Post by: Tony200 on February 21, 2022, 09:38:32 pm

Hi there,

I have a question about a multiple port alias and firewall rule. Here is some example :
- I want to open a DMZ HTTP proxy server using IPv6 to public WAN
- So I need to open HTTP (80) and HTTPS (443)

To do this :
- I create alias for proxy server IPv6
- I create mutliple port alias for HTTP and HTTPS
- I create a rule on WAN interface allowing incoming connections on IPv6 to proxy serveur using IPv6 alias for destination and the multiple port alias to allow in the same rule both HTTP and HTTPS

--> This only allow HTTP (because fisrt port in the multiple port alias).

To have HTTPS working, I need to create a second rule with only HTTPS, and let only HTTP in first rule.
And I don't want to allow a range from 80 to 443, only 80 and 443.

Is a multiple port rule is allowed in Opnsense ? If yes, how to do this ? According to the web interface, only one port is allowed in destination port (or port range, but not multiple port alias, or this is not working).

Seems to be the case in pfsense to use multiple port aliases.

Many thanks
ทางเข้า PG Slot (https://webpressive.com/entrance-pg-slot/)

Title: Re: Question about mutiple port alias and firewall rules
Post by: Greelan on February 21, 2022, 10:24:22 pm

Don’t see a reason why it wouldn’t work. Check under Firewall/Diagnostics/Aliases that the alias is populated correctly and under Firewall/Diagnostics/Statistics/rules that your multi port WAN rule is creating appropriate rules for http and https