DM/NAT/Port forwarding

Started by ursus, April 26, 2019, 09:21:10 PM

I am moving from a Ubiquiti 3Port Firewall. I have set up a DMZ and have my MailInABox server running perfectly. I thought I could set up the same thing on OPNsense - I am making a mess somehow and cannot find my error. When I have the Firewall: NAT: Port Forward rules set (attached) I can access the sites perfectly from the Internet (it therefore seems as if the rules are OK), but from the LAN side I am getting very weird responses. I enter a URL (e.g. http://hecklerdesign.com/product/cliff/) -> the hecklerdesign.com part gets replaced with my own URL -> http://www.mydomain.cc/product/cliff/

I am not sure why this is, but I was wondering if it might have something to do with the fact that MailInABox acts as a DNS server? Anybody have any pointers for me?

Thank you in advance

will have to read the feedback too. ;-)
apu2c4 / wle200nx / 240 Disk --> Firewall | FW-03
---
OPNsense 22.1.6-amd64
FreeBSD 13.0-STABLE
OpenSSL 1.1.1n 15 Mar 2022

ok, found my error. When creating the NAT rules you need to select WAN address and not WAN net when creating the rule. It is also necessary to create an outgoing rule in the DMZ for the Mail in a box server.

For the outgoing on the DMZ side, which port did you use?
Quote: "create an outgoing rule in the DMZ for the Mail in a box server."

To be honest, I allow all from the DMZ to WAN. I will specify ports in the future but am learning OPNsense atm 😊 I will want to set up ad blocking, IPsec instead of Arlo like I am using, and a reverse proxy to host my other sites (tinyRSS and a WordPress site).