Cant ping to LAN

SamTzu

I have been testing pfSense on KVM virtual platform and it seems to work fine. NAT & Firewall rules work (both directions) but for some reason I can't ping private addresses. Not even with IP's. Any ideas? Maybe a routing issue?

Sam

podilarius

There is a rule on WAN that block private IPs. You can turn this off in the WAN interface properties.

SamTzu

That's not it.
What could be the reason that FW work's "normally" but can not use any internal services (like DNS?)
I'm thinking it must be a routing issue.

Ping output:

PING 10.10.10.10 (10.10.10.10) from 10.0.0.1: 56 data bytes
36 bytes from localhost (127.0.0.1): Redirect Host(New addr: 10.0.0.1)
Vr HL TOS  Len  ID Flg  off TTL Pro  cks      Src      Dst
4  5  00 0054 2e64  0 0000  40  01 2e31 10.0.0.1  10.10.10.10

36 bytes from localhost (127.0.0.1): Redirect Host(New addr: 10.0.0.1)
Vr HL TOS  Len  ID Flg  off TTL Pro  cks      Src      Dst
4  5  00 0054 2e64  0 0000  3f  01 2f31 10.0.0.1  10.10.10.10

podilarius

Are you trying to access the machine via the WAN or LAN interface? Unless LAN and WAN on in the same subnet, there should not be a routing issue.

stephenw10

Are 10.0.0.0/24 and 10.10.10.0/24 the subnets you're using for WAN and LAN? If not what are they?

Steve

SamTzu

Nope. The network is 10.0.0.0/8.
Internal DNS server is 10.10.10.0/8. pfSense should be able to ping it.
I have tried to use both NIC's to ping without success.

podilarius

What address/subnet are you using on the WAN side? I don't use KVM, but in some virtual software, you need to enable promiscuous mode for this to work.