@atari It just seems to be disabled. Simply point the mouse over the check mark next to the trash at the right side and click to re-enable it.

@kasproso https://docs.netgate.com/pfsense/en/latest/nat/1-1.html#nat NAT 1:1 does network address translation on both, inbound and outbound traffic. The interface you want apply this might be WAN rather than an internal interface, naturally.

@chriss199815 said in Do I need a Route from Lan to WAN: I use it to segregate the Network in a clean fasson. That would be accomplish with say 10.0.0/24 and 10.0.1/24, or say 10.0.0/24 and 172.16.0/24 ;) What ya going to do if you use 10/8 and 192.168/16 and 172.16/12 for your 3 segments if you happen to need a 4th segment ;) rfc1918 is huge amount of space - but not so much if you use up one of the 3 network ranges on 1 segment... Well if your clients are not getting dhcp from pfsense, it would indicate they are not actually connected to a pfsense network - and then yeah that would explain why they can not get to the internet through pfsense ;) So you see no dhcp discover in pfsense logs? How exactly do you have pfsense and clients connected to your network? Is there some VM involved?

Thanks! I'll check situation according your advice.

Hello, I am a newcomer, I have just updated, I am still waiting...

@smalldragoon said in Send Traffic from 1 host to a specific GW: anything in PFSense preventing RFC1918 Each interface has a "Block private networks and loopback addresses" checkbox but that would normally be for inbound traffic.

@viragomann I think this is the best approach. Initially I thought I would like to route other vms through it, but pfsense is taking care about all the traffic, so I'll definitely try this out :)

@dkyyz said in Routing between LAN fails, traceroute shows traffic goes to WAN ONLY: Firewall rules are like routing rules (not sure if my wording is correct) If you policy route with them sure.. https://docs.netgate.com/pfsense/en/latest/multiwan/policy-route.html#bypassing-policy-routing

@cb4718 If NordVPN is your default route ("Don't pull routes" unchecked in the client settings) the access server OpenVPN tunnel should be routed to NordVPN as well. If it isn't and you're routing the traffic to NordVPN using policy routing rules you have also to set up policy routing on the OpenVPN interface for the tunnel network. Consider that you will also need to add an outbound NAT rule to the NordVPN interface for the tunnel network.

@thomasyang If you want them on the same network, see this doc on Configuring the Switch Ports. Alternatively, plug a switch into LAN and then you have four ports.

@johnpoz There are no hosts on 10.43.0.0/24. This network is just used for the link between FW1 and FW2 via crossover cable (FW1 NIC Port 3 (IP 10.43.0.1) to FW2 NIC Port 2 (IP 10.43.0.2)). That VPN Box is eventually misplaced. OpenVPN is actually running on the OPNsense box. ... I may have just figured out what was missing in this very moment, after some more try & error and your response. I can ping FW1 from FW2. The reason seems to be that for the crossover cabling the option "This interface does not require an intermediate system to act as a gateway" needed to be enabled on the interface. I will give some further feedback after more testing. Edit: My bad, That was just a terrible mistake when testing. I still cannot reach FW2 from FW1 or vice versa. Do I need to setup a gateway?

BUMP