Not able to ping other devices than the pfsense
-
Hello,
I just installed one pfsense (public ip x.x.x.x, lan ip 10.100.0.2) and one proxmox backup server (lan ip 10.100.0.3) on 2 Hetzner Cloud servers. I connected those two servers with a Hetzner virtual switch. I can ping the one machine from the other and vice versa. Now I tried to set up a wireguard client connection (home network 192.168.22.0), using several youtube videos and instructions. The wireguard connection is enabled and I can ping the pfsense (10.100.0.2), but I cannot ping my wireguard client from the pfsense (tunnel ip 172.16.1.2 or local address) and I am also unable to ping the proxmox backup server (10.100.0.2). I post some screenshots from my config, I hope somebody can help me. Thanks.
-
@viragomann said in Not able to ping other devices than the pfsense:
Tried already, no change. And I do not want a site-to-site vpn, I only want one client to connect to the pfsense.
-
@weyon668
So I misunderstood, was assuming you're trying a site-to-site. So why do you want to access the client from the server site then?
Access is possibly blocked by the client's firewall.
"I am also unable to ping the proxmox backup server (10.100.0.2)."
From where? pfSense or client?
-
I just want to access all my cloud and dedicated servers via one VPN with my client pc, no matter where I am. I can only ping the pfsense from my pc, I cannot ping the proxmox servers. But the pfsense can ping my proxmox server and vice versa.
-
@weyon668 did you miss where @viragomann stated it could be blocked by the firewall of where you're trying to ping..
So I vpn into pfsense and get some vpn tunnel IP a.b.c.d --- Why should some device on your network allow this IP to ping it? Windows for example only allows IPs on its own network to ping it, etc.
This same question comes up like every other day to be honest.. That's great you vpn into your network.. Doesn't mean the devices are going to want to talk to some IP they have no clue about.. Either turn off the firewall on the devices you want to talk to, or config them to allow your vpn tunnel network.
-
@weyon668
In Proxmox disable the Firewall on the Datacenter layer and on the node. Then try again to access it from the remote client. If this works then, configure proper rules and enable it again.
-
@johnpoz said in Not able to ping other devices than the pfsense:
@weyon668 did you miss where @viragomann stated it could be blocked by the firewall of where you're trying to ping..
So I vpn into pfsense and get some vpn tunnel IP a.b.c.d --- Why should some device on your network allow this IP to ping it? Windows for example only allows IPs on its own network to ping it, etc.
This same question comes up like every other day to be honest.. That's great you vpn into your network.. Doesn't mean the devices are going to want to talk to some IP they have no clue about.. Either turn off the firewall on the devices you want to talk to, or config them to allow your vpn tunnel network.
Why should the firewall block ping? When I ping from one cloud server to the other, ping works fine. Only from my wireguard client connection I can only ping my pfsense and not the other cloud device. And the rules for which network can connect are already set, as you can see on my screenshots from the pfsense.
-
@viragomann said in Not able to ping other devices than the pfsense:
@weyon668
In Proxmox disable the Firewall on the Datacenter layer and on the node. Then try again to access it from the remote client. If this works then, configure proper rules and enable it again.
All firewalls on my cloud servers are already disabled (just for testing purposes).
-
@weyon668 here is what I would suggest you do then.
Your stuff you're trying to get to is on your lan network? You can ping your pfsense lan IP.. Ok now sniff on your lan interface for icmp and your destination IP.. Do you see the ping go on?
If so and you get no answer, then the device you're pinging is not answering, or he is sending the answer to something other than pfsense..
Here I connected to my openvpn on my phone via a cell connection - and pinging my nas..
That 10.0.8.2 is my phone, you can see it sends on the ping request, and in my setup my nas is answering.. Are you not seeing the echo request go out towards your device's IP you're trying to ping?
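
The sniff test suggested in the last post can be turned into a small classifier; this is an added example, not part of the thread or anyone's posted config. It assumes plain `tcpdump -n` text output, uses the tunnel and LAN addresses from the first post, and the function names and sample capture lines are constructed for illustration.

```shell
#!/bin/sh
# Classify `tcpdump -n` text captured on the pfSense LAN interface during a ping
# from the VPN client. Live use (<lan_if> is a placeholder for the LAN interface):
#   tcpdump -ni <lan_if> -c 20 icmp and host 10.100.0.3 | classify_capture 172.16.1.2 10.100.0.3
classify_capture() {
    # $1 = tunnel IP of the VPN client, $2 = LAN host being pinged; capture on stdin
    awk -v src="$1" -v dst="$2" '
        $2 == "IP" && /ICMP echo request/ && $3 == src && $5 == (dst ":") { req++ }
        $2 == "IP" && /ICMP echo reply/   && $3 == dst && $5 == (src ":") { rep++ }
        END {
            if (req == 0)      print "no-request"
            else if (rep == 0) print "request-no-reply"
            else               print "ok"
        }'
}

explain() {
    case "$1" in
        no-request)       echo "ping never left the LAN interface: look at pfSense rules and VPN routing" ;;
        request-no-reply) echo "pfSense forwarded it: target is not answering or answers to something other than pfSense" ;;
        ok)               echo "request and reply both cross the LAN interface" ;;
    esac
}

# Constructed sample captures (addresses from the first post, timestamps made up).
sample_unanswered() {
cat <<'EOF'
12:00:01.000000 IP 172.16.1.2 > 10.100.0.3: ICMP echo request, id 1, seq 1, length 64
12:00:02.000000 IP 172.16.1.2 > 10.100.0.3: ICMP echo request, id 1, seq 2, length 64
EOF
}

sample_answered() {
cat <<'EOF'
12:00:01.000000 IP 172.16.1.2 > 10.100.0.3: ICMP echo request, id 1, seq 1, length 64
12:00:01.000400 IP 10.100.0.3 > 172.16.1.2: ICMP echo reply, id 1, seq 1, length 64
EOF
}

for s in sample_unanswered sample_answered; do
    verdict=$($s | classify_capture 172.16.1.2 10.100.0.3)
    echo "$s: $verdict ($(explain "$verdict"))"
done
```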