Thursday, August 6, 2020

OPNsense firewall behind MikroTik router and all clients are on the same level as the OPNsense firewall, will it work?

I am new to the OPNsense firewall, so I need some help with my home setup.

Here is the diagram

Based on the diagram, my DHCP server is on the MikroTik router, so all the routing is for the MikroTik to handle. I put a DMZ rule on the MikroTik with the target set to the firewall's WAN address, which is 172.16.200.2.

All the servers are on the same level as the firewall. The servers' traffic will go to OPNsense because I set the gateway to the OPNsense address, which is 192.168.0.104.

I did configure the NAT firewall on OPNsense. The problem is that when I tried to access the server from outside my network, the traffic was passed by the firewall, but it failed. For example, I tried to access the FTP server on port 21 (I'm using plain FTP) with a website called ftptest.net. When I started the test, the connection timed out, but when I checked the firewall log, it said it was passed.

The other problem is that when I tried to block ICMP from inside the LAN through the internet, it didn't work. (I am using this for testing the firewall.)


