Netgate Discussion Forum

    Local DNS Records on different subnet

    General pfSense Questions
    • jhmc93 @jhmc93

      @jhmc93 What rule should I have on the firewall?

      • stephenw10 Netgate Administrator

        A rule on WAN to pass traffic from your laptop to the internal host. Or to the full LAN side subnet.

        I assume it shows blocked traffic in the log then?

        • jhmc93 @stephenw10

          @stephenw10 So how would I set the rule?
          WAN side?
          Source?
          Destination LAN subnet?

          • stephenw10 Netgate Administrator

            On the WAN interface.

            Source: The laptop IP address or the full WAN subnet

            Destination: The LAN side host or the full LAN subnet

            Protocol: icmp to allow pings or all to allow any traffic type.

            • jhmc93 @stephenw10

              @stephenw10 So this is the outcome:
              Screenshot_5.png

              The rule I have set:
              Screenshot_6.png

              • stephenw10 Netgate Administrator

                You are pinging 70.86.90.1 but your rule is passing traffic for destination 70.86.90.2. So it's not matching.

                I assume you are seeing those pings blocked in the firewall logs?

                • jhmc93 @stephenw10

                  @stephenw10 Yes, it must be?? Have a look at the picture below:
                  Screenshot_7.png

                  • patient0 @jhmc93

                    @jhmc93 I'm not really following here, just one thing: you'll have to disable the 'Block private networks ...' on your WAN interface if your WAN IP is a private address. Which 192.168.0.75 is.

                    • jhmc93 @patient0

                      @patient0 ok thanks

                      • stephenw10 Netgate Administrator

                        Yes if you still had that set it would block it.

                        But check the firewall logs like I said several times. That will show you if it's being blocked and by what rule if it is.

                        • jhmc93 @stephenw10

                          @stephenw10 ok I will try it later on my test machine

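An added example, not part of any post in this thread and not pfSense code: a simplified Python model of how a ping arriving on WAN is decided, covering the destination mismatch stephenw10 points out and the 'Block private networks' case patient0 raises. The laptop address 192.168.0.50, the /24 masks and the rule labels are assumptions made for illustration; only 70.86.90.1 and 70.86.90.2 come from the thread.

```python
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Simplified: the real "Block private networks" option also covers loopback
# and carrier-grade NAT space; only RFC 1918 is modelled here.
RFC1918 = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

@dataclass
class Rule:
    label: str
    action: str   # "pass" or "block"
    proto: str    # "icmp", "tcp", ... or "any"
    src: str      # single address or CIDR
    dst: str      # single address or CIDR

    def matches(self, proto, src, dst):
        return (self.proto in ("any", proto)
                and ip_address(src) in ip_network(self.src, strict=False)
                and ip_address(dst) in ip_network(self.dst, strict=False))

def evaluate(rules, proto, src, dst, block_private=True):
    """Return (action, label of the deciding rule) for a packet arriving on WAN."""
    # The interface option is checked ahead of the user-defined rules.
    if block_private and any(ip_address(src) in net for net in RFC1918):
        return ("block", "Block private networks")
    for rule in rules:  # user rules: first match wins
        if rule.matches(proto, src, dst):
            return (rule.action, rule.label)
    return ("block", "Default deny")  # nothing matched

# Constructed sample data (assumed addresses and masks, see lead-in).
LAPTOP = "192.168.0.50"
NARROW = [Rule("pass ICMP to 70.86.90.2", "pass", "icmp", "192.168.0.0/24", "70.86.90.2")]
WIDE = [Rule("pass ICMP to LAN subnet", "pass", "icmp", "192.168.0.0/24", "70.86.90.0/24")]

if __name__ == "__main__":
    cases = [
        ("narrow rule, option on ", NARROW, "70.86.90.1", True),
        ("narrow rule, option off", NARROW, "70.86.90.1", False),
        ("narrow rule, ping .2   ", NARROW, "70.86.90.2", False),
        ("subnet rule, option off", WIDE, "70.86.90.1", False),
    ]
    for name, rules, dst, opt in cases:
        print(name, "->", evaluate(rules, "icmp", LAPTOP, dst, block_private=opt))
```

The second element of each result plays the role of the rule description shown in the firewall log: it says which rule made the decision, which is what distinguishes a destination mismatch from the interface option.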
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.