Pfsense Azure - Internet by WAN and not by Azure
-
I installed Pfsense on Azure from a VHD disk that i have uploaded.
There is 1 network : 172.0.0.0/16
There are 2 subnets : 172.0.0.0/24 (WAN Interface) and 172.0.1.0/24 (LAN Interfaces).
On my Pfsense, i have 2 network interfaces : 172.0.0.5 and 172.0.1.5I have some Windows servers behind my Pfsense. I want that theeses servers go to internet passing by Pfsense.
By default, Azure have a route to go directly on Internet. To change it, i created a "Route Table" on Azure.
I configured this route :Adress prefix : 0.0.0.0/0
Next hop adress : 172.0.1.5With an ICMP rule, i can ping Google from WAN but not from LAN.
Please, is anyone have an idea to help me ?
-
Similar issue here. Have you managed to make it work?
-
@brownie I'm having the same problem on Azure with a pfsense virtual appliance, but in my case I have more vnets connected by peering that I can't connect. How did you solve the problem?
-
@aomiglionni
Hi,
I finally didn't use pfsense on Azure because I didn't need it.
But you certainly have to manipulate the NSG rules. There are some rules created by default by Azure.
I think you have to create rules by disallowing access from/to the internet. You also need to put a lower priority than the default rules. -
Hi @brownie and @aomiglionni, I have the same scenario and I am having the same issue. I have created rules in the nsg allowing all the ports, because, as @Brownie says, the default rules stop all the ports. But the problem of connection persist.