Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Pfsense on esxi - Rules not working

    Virtualization
    2
    3
    641
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tRixst3r
      last edited by

      Hi,

      I'll start by saying i'm new to pfsense, and this is my first post.

      I'm having problems getting pfsense working on a private network. This is not the first time I've come across this issue but I cant seem to find it online, last time I had this problem I ended up using a different firewall / router OS.

      I have pfsense installed on my esxi box, with three adapters, WAN, LAN and OPT1.
      WAN sits on a private network, lets say 192.168.0.0/24 and LAN and OPT1 are also 172.16.x.x networks.

      Firstly, on setup I have unchecked the box thats allows access to the webui from RFC1918 addresses, but still the only way I can access the webui from the 192.168.0.0 network is to disable the firewall. I've even added the following rule too:
      easyrule pass wan tcp 192.168.0.50 192.168.0.51 443

      where 192.168.0.50 is my home PC and 192.168.0.51 is the WAN interface.

      Secondly, I have created another VM which connects to OPT1 on the 172.16.0.0 network, this VM can ping (when disabled) both the OPT1 and WAN interface IPs but not the gateway I have set up in my WAN configuration so it cannot access the 192.168.0.0 network (and so cant access the internet). I have gateway set to none on the OPT1 interface as per the docs.

      Am I missing something? I'd like to stick with pfsense as I love the functionality of it but i'm unable to get this fundamental setup completed. I have also installed the Open VM Tools package in the hope that it would solve my problem, and it hasn't.

      Any suggestions would be greatly appreciated, last time this happened I gave up (admittedly too early) and installed I think opnsense which worked straight away with a similar setup.

      Thanks!

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        Post a screenshot of your WAN rule.  It's usually a simple thing to allow this, although its always recommended to VPN in instead.  That doesn't matter for your test config.

        Have you seen this?

        https://doc.pfsense.org/index.php/Remote_firewall_Administration

        1 Reply Last reply Reply Quote 0
        • T
          tRixst3r
          last edited by

          I went back and looked at the WAN rule before I was going to screenshot it and I saw my mistake, under destination I had manually put in the WAN IP address. I changed it to "WAN address" and its working now, so thanks for that.

          I'm still having issues with getting the VM connected. I've pretty much left everything default with regard to this, I'm not sure if I need some NATing rule?

          I had a look through the doc you send me, I appreciate that in a normal setup using a VPN would be better but this is purely to separate my VM network from my home network so i'm not fussed about the security hole of having the webui accessible from my home network, i'll never be accessing it from public address space.

          Thanks

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.