opnsense newbie question DMZ NAT

Started by pixelmeister, August 21, 2021, 01:20:41 AM

Hi,
I was using different gear for the last 10 years and wanted to switch to open source.
So I am familiar with general network stuff, linux and servers, but I am totally confused by the different
vocabs/meanings  :o. So far most things I already figured out (VLANs/LAN/DHCP/...)

So most network parts are running  :D fine - Thank you opnsense Team!

But I couldn't get my DMZ setup running, searched the Internet and the forum but couldn't find a simple example that would fit. Guess I am just not seeing it.

I have one public IP 1.2.3.4 <-> opnsense with 5 nics, WAN, LAN1,LAN2,LAN3 and DMZ
the DMZ uses 10.0.10.1 there are 2 servers hosting 3 services

10.0.10.10 hosts 2 webservers
     Port 80 a.mydomain.com
     Port 88 b.mydomain.com

10.0.10.11 hosts 1 webserver
     port 8000 c.mydomain.com

I have absolutely no clue where to start, I tried to follow lots of tutorials but had no success.

I am unsure what NAT to use and in which field to put what values.

Tried to make ALIASES for external IP, internal IP and the subdomains but failed.

Even if I get just one service back up running I would be glad :-)
best regards
Antonio

August 21, 2021, 07:34:41 AM #1 Last Edit: August 21, 2021, 04:22:36 PM by mircolino
The following should work:

Firewall: Aliases

Name       Type     Content
---------  -------  ----------
WEB1_HOST  Host(s)  10.0.10.10     
WEB1_PORT  Port(s)  80,88
WEB2_HOST  Host(s)  10.0.10.11     
WEB2_PORT  Port(s)  8000


Firewall: NAT

Interface  Protocol  Source  Port  Destination  Port       NAT IP     Ports
---------  --------  ------  ----  -----------  ---------  ---------  ---------
WAN        IPv4 TCP  *       *     WAN address  WEB1_PORT  WEB1_HOST  WEB1_PORT
WAN        IPv4 TCP  *       *     WAN address  WEB2_PORT  WEB2_HOST  WEB2_PORT


Firewall: Rules: WAN

Direction  Protocol  Source  Port  Destination  Port       Gateway  Schedule
---------  --------  ------  ----  -----------  ---------  -------  --------
In         IPv4 TCP  *       *     WEB1_HOST    WEB1_PORT  *        *
In         IPv4 TCP  *       *     WEB2_HOST    WEB2_PORT  *        *
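
The tables above imply an ordering that is easy to miss: the port forward rewrites the destination before the WAN rules are evaluated, so the WAN rules match the internal host aliases, not the WAN address. The following is an added example, not part of the original post and not OPNsense code; it is a simplified model using the thread's addresses and aliases, and `WAN_ADDR` is a hypothetical alias added only to show a rule that does not match.

```python
# Simplified model (added example) of how a WAN packet is handled:
# port-forward NAT rewrites the destination first, then the WAN rules are
# matched against the rewritten packet. Values are the ones in this thread.
WAN_ADDRESS = "1.2.3.4"
ALIASES = {
    "WEB1_HOST": {"10.0.10.10"}, "WEB1_PORT": {80, 88},
    "WEB2_HOST": {"10.0.10.11"}, "WEB2_PORT": {8000},
    "WAN_ADDR": {WAN_ADDRESS},  # hypothetical alias, not in the thread
}
# (destination port alias, NAT IP alias); destination is always "WAN address"
PORT_FORWARDS = [("WEB1_PORT", "WEB1_HOST"), ("WEB2_PORT", "WEB2_HOST")]
# (destination host alias, destination port alias) for pass rules on WAN
WAN_RULES = [("WEB1_HOST", "WEB1_PORT"), ("WEB2_HOST", "WEB2_PORT")]


def translate(dst_ip, dst_port):
    """Apply the first matching port forward; the port is kept unchanged."""
    for port_alias, host_alias in PORT_FORWARDS:
        if dst_ip == WAN_ADDRESS and dst_port in ALIASES[port_alias]:
            (target,) = ALIASES[host_alias]  # each host alias holds one IP here
            return target, dst_port
    return dst_ip, dst_port


def passes(dst_ip, dst_port, rules):
    """True if a pass rule matches; unmatched traffic is blocked by default."""
    return any(dst_ip in ALIASES[h] and dst_port in ALIASES[p] for h, p in rules)


def handle_inbound(dst_port, rules=WAN_RULES):
    """Return (verdict, ip, port) for a TCP packet sent to the public IP."""
    ip, port = translate(WAN_ADDRESS, dst_port)
    return ("pass" if passes(ip, port, rules) else "block", ip, port)


if __name__ == "__main__":
    for p in (80, 88, 8000, 22):
        print(p, handle_inbound(p))
    # A rule written against the public address no longer matches after NAT:
    print(80, handle_inbound(80, [("WAN_ADDR", "WEB1_PORT")]))
```

Only the three forwarded ports reach the DMZ hosts; every other port on the public IP stays on the firewall itself and is blocked by the default rule.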

Thank you very much!
Already started to test, ...
will post in the evening when I have success
:D

Thank you very much!

Just did it for the first server  :D

For other opnsense newbies
Keep in mind that ALL changes need to be applied!  ;D
AND in some window masks - you have to activate the rule - if not ticked before!  ;)