Can't reach DMZ hosts from LAN - worked in 2.0
-
Hi Everyone,
After upgrading to 2.1.x, hosts in DMZ can't be reached from LAN. DMZ and LAN are two subnets under pfSense. There was no such issue in 2.0.x.
Any idea? We tried adding pass rule in LAN interface from LAN to DMZ and allow rule in DMZ interface from LAN to DMZ but it's still not working.
Thanks!
Pub -
Hi there.
Can you post a screenshot of your LAN and DMZ rules?
What hardware/Nics are you using?
-
Hi there,
Thanks for replying. Here are the screenshots of the rules:
LAN: https://www.diigo.com/item/image/4dji/ctp9
DMZ: https://www.diigo.com/item/image/4dji/henv
We're using Asus EEE PC laptops with Trendnet Gigabit USB NICs - we've been on this hardware for last 3 years without any issue.
Pub
-
Put the rule allowing traffic from LAN to DMZ to the top! Your current top rule on LAN interface handles any destination (also DMZ) and routes traffic to a specific gateway which assumedly cannot reach DMZ.
-
See my thread here
https://forum.pfsense.org/index.php?topic=75358.msg411290