Port forwarding using Pfsense firewall

Problem statement :

We have to create two servers on two different machines (Windows and Linux) and create a website page that we want to access from the outside network. Now we want when we will put port:8000 then the Windows machine's website should be accessed, and when we put port:80 then the Linux website should be visible.

Requirement :

Virtual machines : 3

• Create:

• one virtual machine having Pfsense

• one virtual machine having Linux (I've installed Centos 7.9)

• one virtual machine having a Windows server (my version: 2016)

And need Snort installed in Pfsense

Now machine set up:

Pfsense

Virtual Machine settings:

Network Adapters: NAT, HOST-ONLY

Now configure pfsense

Give IP and check if pfsense is getting both LAN & WAN IP addresses

Here I've given IP: 10.10.10.140 (FOR Pfsense LAN IP)

If you want to know how to install and configure Pfsense

Click Here for Pfsense installation & configuration)

After configuration, it'll look something like this :

Linux (Centos7)

Network Adapters: HOST-ONLY

Now configure IP for the same

•   nmtui
  

• manual IP

• Set IP: 10.10.10.142 (In the same network as pfsense LAN IP)

• Gateway: 10.10.10.140 (IP of Pfsense)

• DNS: 192.168.100.2 (WAN IP of pfsense to access the internet)

Now check if you are getting the same IP that you've given

•   ip a
  

Now Webserver installation and creation of webpage HTML file

• Install httpd (Apache server to host webpage)

yum install httpd -y

Create webpage

cd /var/www/html/vim index.html 
Enter your content and save

MAKE SURE THE NAME SHOULD ONLY BE "index.html" or else it'll not host and will consider httpd default page

Windows Server 2016

Network Adapters: HOST-ONLY

Now configure IP for the same

• manual IP > Set IP: 10.10.10.143 (In the same network as pfsense LAN IP)

• Gateway: 10.10.10.140 (IP of Pfsense)

• DNS: 192.168.100.2 (WAN IP of pfsense to access the internet)

Now configure the web server for the same

Open server manager to create a server:

let's start:

• Step 1

  • Local Server

  • Add roles and features

• Step 2

  • Next

• Step 3

  • Role-based or feature-based installation

  • Next

• Step 4

  • Select from the server pool

  • Next

• Step 5

  • Select Web Server IIS from the list

  • Next

• Step 6

  • Next

• Step 7

  • Install

Finally, on server manager, you can see the created server

Create web page

• Go to C-Drive

  • Search for inetpub

  • wwwroot

  • inetpub/wwwroot/ (This is a path)

• Create a folder to store your HTML file

• Then create html file and enter the content as per your wish

Now configure the web server

• Go to server manager

  • Local server

• Step 1

  • IIS

• Step 2

  • Internet information services manager (IIS)

• Step 3

  • Right-click on sites to create a new add path for the file.

• Step 4

  • Bindings

• Step 5

  • Add IP and port number

• Step 6

  • Close

Allow port 80 in the Windows firewall

• Step 1

  • Inbound rules

  • New rule

• Step 2

  • Port

  • Next

• Step 3

  • Specific local ports

  • 80

  • next

• Step 4

  • Allow the connection

  • next

• Step 5

  • Select all

  • next

• Step 6

  • Give name

  • finish

New rule added

Pfsense settings

Goto Firewall > NAT > Port forwarding

• HOME

• ADD

Redirect target IP

Single Host and IP address of the server

Redirect target PORT > HTTP

Services > SNORT > Interface settings > WAN - RULES

Add custom rules for port forwarding

Rules added

Access both websites on the outer browser

Linux machine Webpage on port: 80

Windows Server Webpage on port: 8000

Hence in this way, we can achieve our problem statement.