Feature #3546
AWS EC2 User data option to permit RFC1918 addresses on WAN interface
Status: Resolved
Priority: Normal
Assignee: -
Category: Installer
Target version: -
Start date: 03/26/2014
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Release Notes:
Description
Using the current pfSense AWS AMI (ami-6fdf4055), it is not currently possible to connect to a pfSense firewall that is not on a public subnet. So for a network design that is two pfSense firewalls deep, the internal firewall can only see private addresses arriving at its WAN interface and is therefore unreachable due to the default deny RFC1918 rule. The ideal solution would be a User data option when launching the instance; something such as "permit_wan_rfc1918=true" would do the trick. I tried setting mgmtnet=10.x.y.z but the default "Block private networks" rule takes priority.
Updated by Chris Buechler over 10 years ago
- Target version deleted (2.1.1)
- Affected Version deleted (2.1)
Updated by Chris Buechler about 9 years ago
- Status changed from New to Resolved
We disabled this by default in AWS starting with v2.2.4.