Feature #3546

closed

AWS EC2 User data option to permit RFC1918 addresses on WAN interface

Added by tall tree almost 11 years ago. Updated about 9 years ago.

Status: Resolved
Priority: Normal
Assignee: -
Category: Installer
Target version: -
Start date: 03/26/2014
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Release Notes:

Description

Using the current pfSense AWS AMI (ami-6fdf4055), it is not currently possible to connect to a pfSense firewall that is not on a public subnet. So for a network design that is two pfSense firewalls deep, the internal firewall can only see private addresses arriving at its WAN interface and is therefore unreachable due to the default deny RFC1918 rule. The ideal solution would be a User data option when launching the instance; something such as "permit_wan_rfc1918=true" would do the trick. I tried setting mgmtnet=10.x.y.z but the default "Block private networks" rule takes priority.

Actions #1

Updated by Chris Buechler over 10 years ago

  • Target version deleted (2.1.1)
  • Affected Version deleted (2.1)

Actions #2

Updated by Chris Buechler about 9 years ago

  • Status changed from New to Resolved

We disabled this by default in AWS starting with v2.2.4.
