Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Can't access the LAN from DMZ

    General pfSense Questions
    4
    6
    3.2k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rgomes
      last edited by

      I'm having trouble setting up a DMZ, I've tried everything i could think of, but there is no way I can allow (some) access from the DMZ to the lan.
      In despair, I even setup some rules allowing anything from any to any on both dmz and lan interfaces but still nothing.
      I can access the dmz machines from the lan but not the other way around… I'm losing my patience because I'm pretty sure it should be working.
      Any ideas? thanks

      1 Reply Last reply Reply Quote 0
      • P
        Perry
        last edited by

        http://doc.m0n0.ch/handbook/examples.html

        FYI
        Your topic doesn't really contain any information that would make others able to help you.
        diagram, screenshots, rules etc makes helping easier.

        /Perry
        doc.pfsense.org

        1 Reply Last reply Reply Quote 0
        • R
          rgomes
          last edited by

          i followed those examples, but the rules to allow traffic from the dmz to lan do not work, i don't know what's wrong, i have reseted the firewall to defaults and now only have two rules:

          the default pfsense rule of allow anything from LAN to any

          and I replicated that rule for the dmz, basically just one rule that allows anything from the dmz subnet to any.

          from the dmz I can ping any of the pfsense interfaces, the lan interface and the dmz interface. What i can't do is ping internal lan machines. But from lan to dmz everything seems fine.

          Please tell me any information or tests you might need, thanks

          1 Reply Last reply Reply Quote 0
          • B
            blak111
            last edited by

            Verify that the clients that you are trying to ping use the pfSense as their default gateway. If not, they are sending their ICMP replies through the wrong device.

            1 Reply Last reply Reply Quote 0
            • R
              rgomes
              last edited by

              Holy "insert bad word here"… but of course!
              I knew it had to be some little stupid thing like that.. I was testing pfsense along side our old ipcop firewall and the lan machines were still using the old firewall as gateway...
              Thanks blak111, iou1.

              1 Reply Last reply Reply Quote 0
              • J
                josempinto
                last edited by

                @rgomes:

                I'm having trouble setting up a DMZ, I've tried everything i could think of, but there is no way I can allow (some) access from the DMZ to the lan.
                In despair, I even setup some rules allowing anything from any to any on both dmz and lan interfaces but still nothing.
                I can access the dmz machines from the lan but not the other way around… I'm losing my patience because I'm pretty sure it should be working.
                Any ideas? thanks

                Seams to be an old problem,…

                See This:

                http://forum.pfsense.org/index.php/topic,7316.0.html

                Regards.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.