OK so I really just would like to clear up
something that's in the posts. I read several (all that were found actually -
11) past post about this and don't want to get blasted like the last fellow so
forgive me in advance. I am one of those people that really really needs to be
able to access wan ips from the lan interface. I know this has not been
supported at all in the past but I found an FAQ that says Yes! It is now. And
further looking into Beta version 1:
Disables the automatic creation of
NAT redirect rules for access to your public IP addresses from within your
internal networks
That would imply there now is support for
this.
Should it work with a 1:1 setup now?
Stickng it on a separate interface wont work in my
case. I have 50+ servers behind this pfsense (working absolutely wonderfully by
the way) and many of them need to talk to each others public ips. I dont need
client machines to talk to servers, just servers to talk to servers. I've been
using private DNS servers now for the last few months and its really getting
nasty. Some of our domains have 50+ host records and having to duplicate their
records that point to inside ip's is really getting cumbersome.
I have tried this new beta 1 and its not working.
All servers can access outward and their inbound 1:1s seem to work just fine as
they always have.
Also my hats off to you on what I strongly feel is
the best firewall product out there. All of your pre-beta versions are more
stable then any other commercial product I have tried :) Great work! And as a
bench mark for you, we have over 600 broadband users, 50+ servers, 200-300
simultaneous dialups, and 25 lan pcs going out only 2 pfsense boxes. Both with
multi-wan configs.were using P4 2.4GHZ, 1GB RAM and 512MB CF Cards. Runs like a
champ. Were getting ready to throw 2 more boxes in a bridge config and try out
captive portal for those 600 broadband users authenticating them with
freeradius. :)
Thanks in advance,
Tim Roberts
Broadlink Wireless, Inc.
|