Possible bug?
-
I found something pretty strange today.
Setting up the rules correctly, I still wasn't able to ping between two completely independent subnets connected to the pfSense box until I bridged them, but once I unbridged them, they still work. The rules work properly: since one of the subnets is the DMZ, I cannot access the LAN from there, but I certainly can the other way around (again, as per the rules).
ASCII art:
WAN -------- PFSense ---------- LAN 192.168.1.0/22
                |
                |
                --------------- DMZ 10.0.0.0/24 (I refer to this as the Orange subnet)
rules:
LAN
Proto  Source   Port  Destination  Port  Gateway  Schedule
*      LAN net  *     Orange net   *     *
Orange
Proto  Source   Port  Destination  Port  Gateway  Schedule
*      LAN net  *     Orange net   *     *
Of course, the subnets are defined as Aliases and they're right.
TIA
-
Your rule on the DMZ interface doesn't make much sense.
(LAN-subnet as source on an interface without LAN-subnet IPs).
Also did you reset the states between tests?
-
Sorry for the incredibly late reply, but by the time you answered I had left the office and then the next day I had surgery.
So sorry.
For some odd reason, if both rules are not in place, traffic will not move between the networks. I tried that till I got googly-eyed because I found it baffling.
No, I didn't reset the tables, but on Saturday (first day I get back to work) I'll be sure to try it then.
Cheers.
-
When you make a bridge, it is not fully destroyed until you reboot, even if you disable it in the GUI.