Need routing help
-
New to pfSense so need a bit of help.
My setup is attached. Not the total but the affected bits. My issues is the PC2 can ping PC1 no problem at all and can use explorer to open shared drives on PC1.I cannot however get PC1 to see PC2 at all. Cannot ping anything on the 192.168.1.0 subnet. Assume it is a routing issue so added a route on PC1 using "route add 192.168.1.0 mask 255.255.255.0 192.168.0.14" given that the *.14 is the WAN side of pfSense. Still getting nothing.
The 192.168.0.0 side is the WAN interface of the pfSense and the 192.168.1.0 is the LAN side.
Can anyone please help as it is the only part I have not got working yet.
-
In the pfSense WAN interface settings you have to remove the check at "Block private networks".
Also you have to add a firewall rule to WAN interface to permit the access from 192.168.0.0/24.
Consider that such a rule also open up access from outside if your internet route forwards traffic to pfSense and if it does NAT on incoming traffic how some routers do by default. So best practice is to shut off NAT on incoming packets. -
I already had removed the check from "Block Private Networks" and I though the rule I had should have done it. I have included the rule below and I thought that this should do it or do I have to be more specific?
-
This rule allows only TCP protocol. To enable pings, you have also to allow ICMP.
-
Okay thanks I overlooked that part. Put it in and I can now ping 192.168.1.1 from 192.168.0.11. I still cannot ping 192.168.1.10 which is the ftp server Filezilla is on (Windows 10 machine). Maybe a Windows 10 firewall rule but I can ping all my other Windows 10 machines okay on the 192.168.0.0 subnet. I can however access the FTP server now so that is what I was after so I am good to go.
Thanks for the help
-
Yes, the Windows Firewall blocks access from other network segments by default.