LAN, DMZ and two gateways: problem

Started by hcape, January 22, 2024, 04:43:40 PM

Hello

I have set up a system with two gateways: WAN (5G, static IP) and FC (fiber, DHCP).
I also have two interfaces: LAN and DMZ.
On DMZ there is a web server and a database server.
Internet users come in through the WAN IP. LAN goes out via FC.
I have a firewall rule that passes traffic from WAN (static) IP on ports 80 & 443 to the server in DMZ and it works flawlessly both from LAN as well as from Internet.

I thought great, it's fine. Only it wasn't.

Now I see that going out from the web server doesn't work at all.
Can't get DNS, can't update OS, heck can't even ping to 8.8.8.8.
Probably most of the things might work fine, if I only could route the DMZ computer to Internet via that WAN interface. At least I think it might.
Only I haven't been able to figure out at all how to achieve it.
Can anybody explain how to implement that? Spoon-fed would be great but I try to understand things on a higher level also if at all possible.

wbr
hank

P.S. If you ask me why: my FC doesn't currently allow inbound http(s) traffic, so I'm stuck with 5G for the server.

I think you may need to configure NAT for the DMZ. Check your router.

In my case I think that OPNsense _is_ the router.

There are four NICs and I basically would love to be able to route traffic from DMZ out to internet via WAN-interface (and keep the LAN tied to FC interface).

Only I can't figure out how on earth...

hank