OPNsense Forum
Archive => 20.1 Legacy Series => Topic started by: mrrodge on February 24, 2020, 06:01:08 pm
-
Trying to create a DMZ to put a web server in. I have OPNsense running on a dedicated server in a Hyper-V VM and have configured 3 interfaces: one LAN, one WAN and one DMZ. I've set up block rules to stop traffic crossing from the DMZ to the LAN and vice versa, then added a port forward rule to send all ports/protocols to the web server host in the DMZ.
1) Is my approach right? It seems to work and my DMZ machine can see/be seen from the net.
2) FTP is broken; I get a connection and a login, but it fails to list the directory. If I put another VM in the DMZ it works, so it's definitely OPNsense! It happens with plain FTP and TLS.
Thanks!
-
FTP requires the FTP proxy plug-in and plaintext. Otherwise OPNsense cannot forward your traffic to the right machine.
-
OK thanks - much appreciated. Will post back if further difficulties!
-
FTP is broken
This is true in so many ways ;)
-
Works great - thanks!