Help with traffic between LAN OPT1 and OPT2
-
Hi Guys
I am just starting my adventure with pfSense and am already having a lot of problems with it.
I cannot communicate/ping between computers on different subnets.
Ok here is my network:

||comp1|| [192.168.100.30] ------ [LAN-de0: 192.168.100.3] --||PFSENSE router||-- [OPT1-de1: 192.168.110.1] ------ [192.168.110.234] ||comp2||
                                                                     |
                                                         [OPT2-de2: 192.168.120.1]
                                                                     |
                                                             [192.168.120.235] ||comp3||

What I would like to do is to be able to communicate between each of the computers.
This is what I tried so far:
=> From the shell I typed: pfctl -d (disable firewall). After that each computer is able to ping its related NIC on the pfSense router but nothing else.
=> Set up firewall rules for each NIC like that:
For OPT1 NIC:
Pass any from OPT1 subnet to LAN subnet
and similar for every other NIC.
After that I'm not able to ping anything and I'm losing the webGUI connection.

To clarify, I have no internet connection there. All I want to do is to set up connections between each machine so I can manipulate Packet Delay & Packet Loss. For example, I will be pinging from comp1 to comp2 while packet loss will be 20% and from comp1 to comp3 while packet loss will be 50%.
Can anybody help me?
Thanks
-
That sounds like simple routing. I would try then to set up a rule that says LAN subnet to any (on the LAN interface rules). Then set up OPT1 subnet to any on OPT1 … was there a WAN used? Either way though, go into Firewall -> NAT -> Outbound NAT. Set it to manual and remove any rules that are auto created. Then perform a reboot to clear any leftovers.
-
That sounds like simple routing. I would try then to set up a rule that says LAN subnet to any (on the LAN interface rules). Then set up OPT1 subnet to any on OPT1 … was there a WAN used? Either way though, go into Firewall -> NAT -> Outbound NAT. Set it to manual and remove any rules that are auto created. Then perform a reboot to clear any leftovers.
That really works!
-I deleted all rules
-I set NAT to manual
-I let LAN, OPT1 and OPT2 talk to ANY on ANY port
Still wasn't working. Then I decided to check the route tables on each machine - BINGO!
I added a route on each machine and it's all working now!
Thank you for your help!
Damn! pfSense is really simple! I just need to pay attention to what I'm doing.
THANKS!
-
Good!
I guess you added persistent static routes? Can you share an example?
Best regards
Kostas
-
Ok, for example:
LAN machine IP address - 192.168.110.235
OPT1 machine IP address - 192.168.120.234
pfSense OPT1 NIC - 192.168.120.1
pfSense LAN NIC - 192.168.110.1

To allow the LAN machine to communicate with the OPT1 machine, I opened CMD on the LAN machine and typed:

route ADD 192.168.0.0 MASK 255.255.0.0 192.168.110.1 METRIC 10 -p

That basically transfers all the transfer for 192.168.x.x to the pfSense NIC 192.168.110.1. Doing that I'm able to "drop packets" or "slow down" packets. If you are having only one subnet I guess you could use subnet 255.255.255.0 to limit traffic.
I used mask 255.255.0.0 basically to be able to communicate with other subnets that I will create in the future.
I hope this is clear enough.
Thanks
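
The route lookup that the fix in this thread relies on, as an added example that is not part of the original posts: a longest-prefix-match model of the LAN machine's routing table before and after the route ADD command. It assumes the host has no default gateway (the thread says there is no internet connection); the on-link metric, the 10.0.0.5 test address and the function names are constructed for illustration.

```python
import ipaddress

def route(net, gateway, metric):
    """Build one routing-table entry: (network, gateway, metric)."""
    return (ipaddress.ip_network(net), gateway, metric)

def lookup(routes, dst):
    """Return the entry a host would pick for dst, or None if nothing matches."""
    addr = ipaddress.ip_address(dst)
    matches = [r for r in routes if addr in r[0]]
    if not matches:
        return None  # no route: the packet never leaves the host
    # Longest prefix wins; a lower metric breaks ties between equal prefixes.
    return max(matches, key=lambda r: (r[0].prefixlen, -r[2]))

def next_hop(routes, dst):
    """Gateway used for dst, 'on-link' for the local subnet, None if unroutable."""
    hit = lookup(routes, dst)
    return hit[1] if hit else None

# Constructed table for the LAN machine 192.168.110.235 from the last post:
# only its directly connected /24, and no default gateway (assumption).
BEFORE = [route("192.168.110.0/24", "on-link", 1)]

# Same table after:
#   route ADD 192.168.0.0 MASK 255.255.0.0 192.168.110.1 METRIC 10 -p
AFTER = BEFORE + [route("192.168.0.0/16", "192.168.110.1", 10)]

if __name__ == "__main__":
    targets = (
        "192.168.110.1",    # pfSense NIC on the same subnet
        "192.168.120.234",  # machine on the other subnet
        "10.0.0.5",         # constructed address outside 192.168.0.0/16
    )
    for label, table in (("before", BEFORE), ("after", AFTER)):
        for dst in targets:
            print(f"{label:6} {dst:16} -> {next_hop(table, dst) or 'no route'}")
```

The /16 route only takes effect for other subnets: same-subnet traffic still matches the more specific connected /24 and stays on-link, while everything else in 192.168.x.x is handed to pfSense, where the firewall rules and the delay/loss settings apply.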