Help Firewall cant connect to lan servers on special ports
-
Help setup of firewall rules
Here is my setup
pfsense => wan => internet
pfsense => lan => switch using fiber modules
using 10.2.2.0/24 range
i have internet working some what but i cant connect to lan servers on specific ports.
can connect to truenas server on regular ports of 80 but cant connect to pihole on port 10003 and unifi controler on port 8443.
bolth pi hole and unifi are on a special ip address on 10.2.2.204
truenas is accessable on 10.2.2.239
also using 2 dhcp servers one on 10.2.2.1 and one on 10.2.2.3
can disconnect 10.2.2.3 via ethernet cable.
also need help on pfsense dhcp server and not giving out ip address correctly
Thanks
Shawn
-
@dragonfixed00 said in Help Firewall cant connect to lan servers on special ports:
but cant connect to pihole on port 10003 and unifi controler on port 8443.
From where?
-
From lan
-
@dragonfixed00 pfsense has nothing to do with devices on the same network, ie your lan from talking to each other.
As to dhcp, are you devices using a 169.254.x.x address - this is common for devices to give themselves a random IP in this range when they can not talk to a dhcp server.
-
no they are using 10.2.2.0/24
-
@dragonfixed00
Are you trying to access them by the public IP? Otherwise the traffic won't pass pfSense as said. -
accessing them on lan only
-
@dragonfixed00 well then what do you think is wrong with dhcp?
also need help on pfsense dhcp server and not giving out ip address correctly
And again 10.2.2.X talking to 10.2.2.Y has nothing to do with pfsense.
-
Becasue the ports i am using are not standard 80 or 443
-
@dragonfixed00 huh? Doesn't matter what ports client A or client B want to use when talking to each other when they are on the same network - pfsense is not involved in that conversation at all.
And not sure what that has to do with your statement that dhcp is not giving out IPs correctly?
-
As far as dhcp the on pfsense is concerned is that the lease expires 2 fast ane i cant get to the internet
-
@dragonfixed00 lease expires too soon? Pretty sure it defaults to 2 hours, but you can adjust that - I have mine set to like 4 days.
So dhcp would normally hand out its own IP on the interface for dns and the gateway..
Can your client ping pfsense IP, can it do dns - use your fav tool, dig, nslookup, host on the client and validate it can resolve say www.google.com
What rules do you have on the interface? Do you have any rules in floating?
If this is a new interface and not lan - there would be no rules, and you would have to create them. Unlike lan which defaults to a any any rule.
