Topic: Noob to OPNsense: firewall rules, help appreciated please! (Read 1617 times)
Meeko
« on: May 12, 2020, 09:11:13 am »
Hello
I've tried to figure out why this isn't working and I'm failing, so any assistance would be much appreciated!
I have a domestic setup with a lot of net-enabled devices. Looking to benefit from OPNsense with automated 4G fallback (working), integrated VPN (working) and traffic shaping (not looked at yet), so a small PC running OPNsense seems to make more sense than my previous setup with Linux and iptables. I'm not an absolute noob but struggling to get my head around this so far!
Setup:
Cable box [outside 81.x.x.x/32 static] [inside 192.168.0.1/24 static]
OPNsense box [WAN 192.168.0.26/24 by DHCP - will make static later]
[LAN 192.168.1.1/24 static]
Some other devices that will move to the LAN via the OPNsense box (so far on 192.168.0.x/24 DHCP), irrelevant at present
Linux server (LAMP, NFS, media server, SMB, print server)
[LAN 192.168.1.2/24 static]
External wifi repeater as an AP (until I get wifi working properly)
[LAN 192.168.1.100/24 static]
[Provides 192.168.1.1xx/32 via dhcp]
Test handset [wifi to AP gets 192.168.1.101/24 gateway 192.168.1.1]
Situation: I need devices on LAN to be able to access both the outside world [0.0.0.0/0] AND inside devices [192.168.1.0/24], particularly the server via domain name [DNS correctly points at cable box]
Problem: with NAT outgoing rule and reflection enabled, I can currently use the test handset to access http/https outside world (i.e. browse www.google.com or https://www.bbc.co.uk)
BUT cannot access the server. Fair enough, I need to add forwarding rules?
So then I add forwarding WAN to LAN http & https. Now I can browse xyn.co.uk, which points to the cable box, via OPNsense and it accesses the server, BUT when I now try to browse https://google.com I get an https error and it tries to serve from my server! Similarly, http pages from the outside world produce pages from my server.
Tl;dr: I can't get my head around writing the NAT > Port Forwarding rule to forward external (any?) to LAN address.
Can someone start me off please?
Screenshots:
« Last Edit: May 12, 2020, 05:14:11 pm by Meeko »