Routing traffic through pfSense

Posted April 6, 2020 2.8k views

I have two droplets. pfSense and WEBSRV.

I want to be able to route any incoming/outgoing traffic that hits WEBSRV through the pfSense droplet. Is this possible?

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

Submit an Answer
3 answers

Yes, you need to enable ip forwarding in your pfsense and configure NAT. Then, in the webserver, you’ll have to add the private ip of your pfsense as the gateway and make changes like shown here:

  • I did follow all these instructions:

    My webserver cannot be accessed from internet, I think something is missing in my pfSense Firewall/NAT/Port Forward configuration which right now is set to allow any connection to SHH, HTTP & HTTPS.
    Interface/Protocol/Source Address/Source Ports/Dest. Address/Dest. Ports /NAT IP/NAT Ports/Description
    WAN/TCP///WAN address/22(SSH)/<private IP webserver>/22(SSH)/Allow SSH)
    WAN/TCP///WAN address/443(HTTPS)/<private IP webserver>/443(HTTPS)/Allow HTTPS)
    WAN/TCP///WAN address/80(HTTP)/<private IP webserver>/80(HTTP)/Allow HTTPS)

    Any suggestions?

How can I enable IP Forwarding on PfSense and how congirue NAT ?

I think NAT from LAN to WAN is already configured by default on PfSense NAT

how did you resolve this? what is the best practice and most secure way?