How To: Configure Physical Firewall Bypass to Customer Virtual pfSense (AIMS)

Log in to the Phoenix Firewall, go to Network > Address Object, and click Add.

P.S.: Always take a backup before making any changes on the firewall.

1. Add Virtual pfSense IP

  • Name: [CustomerName] SDN WAN IP
  • Zone Assignment: Select TCloudTenantSD
  • Type: Host
  • IP Address: 172.20.10.xxx

2. Add Public WAN IP

  • Name: [CustomerName] Public WAN IP
  • Zone Assignment: Select WAN
  • Type: Host
  • IP Address: 103.86.178.xxx

Go to Network > NAT Policies > Add

1. Add NAT Policies

  • Original Source: Any
  • Translated Source: Original
  • Original Destination: [CustomerName] Public WAN IP
  • Translated Destination: [CustomerName] SDN WAN IP
  • Original Service: Any
  • Translated Service: Original
  • Inbound Interface: Any
  • Outbound Interface: Any
  • Enable NAT Policy: Checked
  • Create a Reflexive policy: Checked

Go to Firewall > Access Rules > Add

1. Add Access Rules

  • Action: Allow
  • From: WAN
  • To: TCloudTenants
  • Source Port: Any
  • Service: Any
  • Source: Any
  • Destination: [CustomerName] Public WAN IP
  • Users Included: All
  • Users Excluded: None
  • Schedule: Always on

Done!