I have a pfSense server running with one interface only (WAN). The WAN interface has DHCP IP from ISP, and it got IP like 172.100.200.101. They have Public IP system just like AWS, so I attached a public IP with the instance however, I can't access pfsense using Public IP.
I have created HTTP and HTTPS rules to access pfSense remotely, which works fine when I connect from another VM on the same subnet using 172.100.200.101 IP. Security Group is open still no success.
I'm pretty much confused that what I'm missing. Thanks
答案1
Correct me if I am wrong but pfsense is a router and should have been configured with two interfaces. Traditionally one interface is for WAN connection and one interface is for LAN connection.
Have you heard about CC-NAT? (Carrier-grade NAT usually prevents the ISP customers from using port forwarding, because the network address translation (NAT) is usually implemented by mapping ports of the NAT devices in the network to other ports in the external interface.)
I would check this possibility. If you had LAN interface you would be able to connect a computer to it and would be able to browse the https://whatismyipaddress.com that would show up your real public IP address and you would be able to compare that you've got from your ISP.
If your ISP uses this technique you will not be able to connect to the WAN interface of your pfsense from the internet. (There is an option but that's a different topic.)