OPNsense Forum

English Forums => General Discussion => Topic started by: freekiil on December 14, 2016, 05:24:17 pm

Title: Validate my setup
Post by: freekiil on December 14, 2016, 05:24:17 pm
Hi All

I am currently doing a lab for an Exchange server and I have some questions about OPNsense and my setup.

(See my setup in the attachment.)

Here is the question now:

So from my router I will forward all mail traffic to the edge server. But I am not sure how I can achieve the routing between the firewall from the DMZ to the Exchange. Or maybe I need to forward to the firewall. I am a bit lost on this.

Give me your input on this and maybe a better way to achieve my goal. (The easiest is the best :) )

Thanks all


Title: Re: Validate my setup
Post by: bartjsmit on December 15, 2016, 10:24:33 am
Set the default gateway on the edge server to your router and add a static route to your internal exchange via OPNsense. On the internal exchange, add a similar return route for the DMZ.

Easiest is to make OPNsense the default gateway for all internal devices and let it connect to the internet router. You will need to allow RFC 1918 on the OPNsense WAN interface and you'll likely want to disable NAT.

Does your internet router have a static route for your internal IP range?

Bart...


Title: Re: Validate my setup
Post by: freekiil on December 15, 2016, 07:01:22 pm
Hi Bart

For the moment I am only in the design phase.

So your suggestion is to plug the OPNsense directly into the router and use it as the default gateway for all my internal devices (PC, server, etc.). And after that, for the DMZ part, what needs to be done? Set a route to reach the internal Exchange that passes by the OPNsense? (Sorry for these kinds of questions, but I'm a bit new to the networking and firewall stuff.)

Thanks