I have been using an EdgeRouter POE as my main router for most of the network (some of the network still uses PFSense as a router, but that's being removed soon) for the last few weeks, and I am quite happy with it. I also have a second router, a Sophos UTM VM between my first LAN (essentially a DMZ) and my client LAN (there will be more “LANs” over there soon). The Client LAN is NATed between the DMZ and the LAN, which means anything on the LAN I want to access from the DMZ has to be port forwarded… Ideally, not much from the LAN should be accessible through the DMZ, but in my initial setup, stuff like Plex, etc, is…
What I wanted to do was set up a proper firewall between both networks, without the use of NAT… To do this, I first had to disable the masquerading rules in Sophos:
Next, on the EdgeRouter, I added a static route to point at the new network:
And finally, under firewall rules, I allowed what I wanted to allow (in this case, SSH from any DMZ client (not advised) to my Mac Mini).
And that, as they say, is that! So far, so good!
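With NAT gone, every LAN address is directly routable from the DMZ, so the rule set is the only thing deciding what gets through. The sketch below is an added example, not part of the original post or either router's configuration: it models a first-match rule list with a default drop, compares the "SSH from any DMZ client" rule with a single-source version, and flags allow rules whose source spans the DMZ. All addresses, rule names and the admin host are constructed assumptions.

```python
import ipaddress
from dataclasses import dataclass

# Constructed addressing (assumptions, not taken from the post).
DMZ = ipaddress.ip_network("192.168.1.0/24")
MAC_MINI = ipaddress.ip_network("192.168.2.10/32")    # LAN host reached over the static route
ADMIN_HOST = ipaddress.ip_network("192.168.1.50/32")  # hypothetical single admin machine in the DMZ


@dataclass(frozen=True)
class Rule:
    name: str
    src: ipaddress.IPv4Network
    dst: ipaddress.IPv4Network
    port: int
    action: str  # "allow" or "drop"


def decide(rules, src, dst, port):
    """First matching rule wins; anything unmatched is dropped."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for r in rules:
        if s in r.src and d in r.dst and port == r.port:
            return r.action
    return "drop"


def broad_allows(rules, zone=DMZ, max_hosts=1):
    """Names of allow rules whose source covers more than max_hosts addresses of the zone."""
    flagged = []
    for r in rules:
        if r.action != "allow" or not r.src.overlaps(zone):
            continue
        # Overlapping networks nest, so the shared range is the smaller of the two.
        if min(r.src.num_addresses, zone.num_addresses) > max_hosts:
            flagged.append(r.name)
    return flagged


# The rule as described in the post, and a tightened variant (both constructed).
AS_POSTED = [Rule("ssh-any-dmz", DMZ, MAC_MINI, 22, "allow")]
TIGHTENED = [Rule("ssh-admin-only", ADMIN_HOST, MAC_MINI, 22, "allow")]

if __name__ == "__main__":
    for label, rules in (("as posted", AS_POSTED), ("tightened", TIGHTENED)):
        verdict = decide(rules, "192.168.1.77", "192.168.2.10", 22)
        print(f"{label}: other DMZ host -> Mac Mini:22 = {verdict}; broad rules = {broad_allows(rules)}")
```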
Last updated: July 13, 2018: fixing aliases (c8b9f0d).
homepage of Tiernan OToole, Geek, photographer, GeekPhotographer, and lazy git.