Apply OPNsense in data center with gateway

Started by yhfirewall, January 25, 2021, 04:23:44 AM

January 25, 2021, 04:23:44 AM Last Edit: January 25, 2021, 04:59:07 AM by yhfirewall
Hi,

We plan to apply OPNsense in a data center in front of a server; the server has a public IP and gateway.
Our server is required to have a public IP address configured on the network card.
Can anyone suggest the network topology to set it up? Using bridge network?

My wish is to just plug in the server (with public IP and gateway configured in the server) into the firewall and the firewall will filter the traffic.

We tested but can't get the server behind the firewall to be accessible from the public.
We configured the server's gateway to be the OPNsense LAN; the server can access the internet but the server can't be accessed from the public (outside).

Please advise, thanks.

Quote from: yhfirewall on January 25, 2021, 04:23:44 AM
We configured the server's gateway to be the OPNsense LAN; the server can access the internet but the server can't be accessed from the public (outside).

Please advise, thanks.


What do you mean by that? Please create a small network diagram, you can copy a template from here:
https://forum.opnsense.org/index.php?topic=7216.0
"The S in IoT stands for Security!" :)

January 25, 2021, 11:20:15 AM #2 Last Edit: January 26, 2021, 04:37:58 AM by yhfirewall
Thank you for your reply.

All servers are placed inside the data center; the data center will provide a dedicated public IP and gateway for each server.
Below is the network diagram we hope to achieve; the "Public Server" dedicated IP 172.16.16.101 needs to be accessible from the public WAN.

Please suggest the network WAN or LAN to connect my public server to the firewall.
Should we bridge the network from "Public Server" with OPNsense WAN and allow all traffic to pass through the rule?


       WAN / Internet
              :
              : Data Center
              :
          ----+----
         | Gateway |  Gateway: 172.16.16.1
          ----+----
              |
          WAN | IP: 172.16.16.100
              |
         -----+----   LAN IP: 10.0.0.1     --------------
        | OPNsense |----------------------| Local Server |  IP: 10.0.0.2
         -----+----                        --------------
              |
              |  WHAT SHOULD WE
              |  CONFIGURE HERE?
              |
       -------+-------
      | Public Server |   IP: 172.16.16.101
       -------+-------    GW: 172.16.16.1