Show Posts
1
Tutorials and FAQs / Public Server and DNAT
« on: March 08, 2018, 11:58:56 am »
Hey everyone.
I am doing my last semester project, where I compare a Sophos Firewall with OPNSense.
For testing I created a public Server in the Sophos Firewall with a DNAT rule.
This is done so that the Server can be reached by a Public IP.
I have a static unprotected 4G router that runs with a transparent bridge, so the first thing that the Internet reaches from outside is the Sophos Firewall. In the firewall I can then use the DNAT to translate the Public IP to the IP for the Server.
I cant figure this out in OPNSense. I created a One-to-One BiNAT rule that goes to and from WAN and to and from the server. I unchecked the NAT box and did the settings. Now if I type the IP I cant reach the Server. Am I doing something wrong?
Oh before I forget, OPNSense runs in VM Workstation, where the first Network adapter is set to bridged (So there is no translation from the Host OS), and the Server is added with a LAN Segment. Everything else works fine, I just need the Server to be accessible from the internet. I have not found another post about this.
So, if I missed something I am sorry
Cheers
I am doing my last semester project, where I compare a Sophos Firewall with OPNSense.
For testing I created a public Server in the Sophos Firewall with a DNAT rule.
This is done so that the Server can be reached by a Public IP.
I have a static unprotected 4G router that runs with a transparent bridge, so the first thing that the Internet reaches from outside is the Sophos Firewall. In the firewall I can then use the DNAT to translate the Public IP to the IP for the Server.
I cant figure this out in OPNSense. I created a One-to-One BiNAT rule that goes to and from WAN and to and from the server. I unchecked the NAT box and did the settings. Now if I type the IP I cant reach the Server. Am I doing something wrong?
Oh before I forget, OPNSense runs in VM Workstation, where the first Network adapter is set to bridged (So there is no translation from the Host OS), and the Server is added with a LAN Segment. Everything else works fine, I just need the Server to be accessible from the internet. I have not found another post about this.
So, if I missed something I am sorry
Cheers