• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Can't access the LAN from DMZ

Scheduled Pinned Locked Moved General pfSense Questions
6 Posts 4 Posters 3.2k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • R
    rgomes
    last edited by Jun 2, 2008, 2:35 PM

    I'm having trouble setting up a DMZ, I've tried everything i could think of, but there is no way I can allow (some) access from the DMZ to the lan.
    In despair, I even setup some rules allowing anything from any to any on both dmz and lan interfaces but still nothing.
    I can access the dmz machines from the lan but not the other way around… I'm losing my patience because I'm pretty sure it should be working.
    Any ideas? thanks

    1 Reply Last reply Reply Quote 0
    • P
      Perry
      last edited by Jun 2, 2008, 3:00 PM

      http://doc.m0n0.ch/handbook/examples.html

      FYI
      Your topic doesn't really contain any information that would make others able to help you.
      diagram, screenshots, rules etc makes helping easier.

      /Perry
      doc.pfsense.org

      1 Reply Last reply Reply Quote 0
      • R
        rgomes
        last edited by Jun 2, 2008, 3:09 PM

        i followed those examples, but the rules to allow traffic from the dmz to lan do not work, i don't know what's wrong, i have reseted the firewall to defaults and now only have two rules:

        the default pfsense rule of allow anything from LAN to any

        and I replicated that rule for the dmz, basically just one rule that allows anything from the dmz subnet to any.

        from the dmz I can ping any of the pfsense interfaces, the lan interface and the dmz interface. What i can't do is ping internal lan machines. But from lan to dmz everything seems fine.

        Please tell me any information or tests you might need, thanks

        1 Reply Last reply Reply Quote 0
        • B
          blak111
          last edited by Jun 2, 2008, 3:36 PM

          Verify that the clients that you are trying to ping use the pfSense as their default gateway. If not, they are sending their ICMP replies through the wrong device.

          1 Reply Last reply Reply Quote 0
          • R
            rgomes
            last edited by Jun 3, 2008, 8:36 AM

            Holy "insert bad word here"… but of course!
            I knew it had to be some little stupid thing like that.. I was testing pfsense along side our old ipcop firewall and the lan machines were still using the old firewall as gateway...
            Thanks blak111, iou1.

            1 Reply Last reply Reply Quote 0
            • J
              josempinto
              last edited by Jun 5, 2008, 9:42 AM

              @rgomes:

              I'm having trouble setting up a DMZ, I've tried everything i could think of, but there is no way I can allow (some) access from the DMZ to the lan.
              In despair, I even setup some rules allowing anything from any to any on both dmz and lan interfaces but still nothing.
              I can access the dmz machines from the lan but not the other way around… I'm losing my patience because I'm pretty sure it should be working.
              Any ideas? thanks

              Seams to be an old problem,…

              See This:

              http://forum.pfsense.org/index.php/topic,7316.0.html

              Regards.

              1 Reply Last reply Reply Quote 0
              4 out of 6
              • First post
                4/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                This community forum collects and processes your personal information.
                consent.not_received