Regular consumer grade router though, no option of pfSense. But since WAN2 is getting a private IP, am I at risk for having a blanket allow all rule on it? What rules should I ideally have for my private LAN networks and this private WAN2 interface? Also, is something like this doable? I have a static IP address set up in my second home that currently has a WireGuard server running. However I just wanted to know if I need to create specific rules for this type of scenario? My primary WAN has specific inbound rules of course, everything else is blocked. Because of this, I also know that if my primary WAN goes down, my self hosted services will not be accessible on WAN2, which I am fine with. So I have pfSense set up with the second connection and of course, it gets a private IP on the WAN2 interface. Their modem is also completely locked down, no option to set as Bridged Mode. The thing is, this ISP only hands out CGNAT addresses, they just don't give out Static or Dynamic IPs even with an extra billing charge. I recently got a second connection from a different ISP to have as a backup. So I have been using pfSense for a few years now and am very happy with it! I have a public Static IP from my ISP and have some services that I self host.

This is a hopefully easy example, but if it is relevant I can tell you the whole setup I want to achieve. I wanted to keep it simple to understand. I can't work with VPN for every client, that would be my favourite. But how could this work from the outside, because the route to the iot-network is not reachable for the client. If I put the webserver entrance point behind the pfsense, I could use this to link to all IOT-Devices, and it would work internally. Or load the webserver from the iot-device via iframe, which should be the same. But this would open up all the iot-devices to the internet. If I click this link it connects me to the webserver of one of my iot-devices in the iot-network.
Let's make things easy and let's say I want a link on the webserver "entrance point". This entrance point can be in the cloud, or behind the pfsense. I want to connect from a client on the internet to an "entrance point" - a little webserver. I have an internal network "IOT-Network" with the VLAN 192.168.0.X behind the pfsense. Let's see if it will show without editing the post. First time posting with an image to the question.