Firewall Rule to Allow RDP from WAN to LAN......Need help
-
How are you pinging it if not connected??? Your saying you never pinged it from a physical device?
How do you have it setup, what are you using for a VM host software?
-
@johnpoz said in Firewall Rule to Allow RDP from WAN to LAN......Need help:
How are you pinging it if not connected??? Your saying you never pinged it from a physical device?
I never said that I am unable to connect to LAN network. I am saying that unable to browse the internet from my physical device connected through LAN network..
How do you have it setup, what are you using for a VM host software?
I have windows 2012 R2 in my physical host and VMware workstation as host software..
I have two physical NIC in my host..
one is connected (ie) bridged to pfsense WAN and
Second NIC is bridged with pfsense LAN -
Pls find below my network connected :
-
@DINU said in Firewall Rule to Allow RDP from WAN to LAN......Need help:
Pls find below my network connected :
In your drawing, two devices have the same IP address. Virtual Machine #3 (DHCP and Sec DNS) is shown as having IP 192.168.30.11, but so is the Windows 10 Laptop machine shown hanging off the external switch. That won't work. Is it a typo?
-
@bmeeks said in Firewall Rule to Allow RDP from WAN to LAN......Need help:
@DINU said in Firewall Rule to Allow RDP from WAN to LAN......Need help:
Pls find below my network connected :
In your drawing, two devices have the same IP address. Virtual Machine #3 (DHCP and Sec DNS) is shown as having IP 192.168.30.11, but so is the Windows 10 Laptop machine shown hanging off the external switch. That won't work. Is it a typo?
it is typo error Windows 10 Laptop is 192.168.30.111
-
@DINU said in Firewall Rule to Allow RDP from WAN to LAN......Need help:
@bmeeks said in Firewall Rule to Allow RDP from WAN to LAN......Need help:
@DINU said in Firewall Rule to Allow RDP from WAN to LAN......Need help:
Pls find below my network connected :
In your drawing, two devices have the same IP address. Virtual Machine #3 (DHCP and Sec DNS) is shown as having IP 192.168.30.11, but so is the Windows 10 Laptop machine shown hanging off the external switch. That won't work. Is it a typo?
it is typo error Windows 10 Laptop is 192.168.30.111
I just noticed another issue that hopefully is also a typo. You have the Asus router shown with IP 192.168.30.100, but you are also showing that same IP address apparently assigned to the eth1 interface on the VM Physical Host. That can't be correct.
And the external switch you are showing, is it a dumb switch or a managed switch? If managed, are any VLANs defined in it and is at least one trunk port configured?
And which hypervisor are you using? Is it ESXi, Hyper-V or something else?
-
@bmeeks said in Firewall Rule to Allow RDP from WAN to LAN......Need help:
I just noticed another issue that hopefully is also a typo. You have the Asus router shown with IP 192.168.30.100, but you are also showing that same IP address apparently assigned to the eth1 interface on the VM Physical Host. That can't be correct.
YEs that is also typo error eth1 is 192.168.30.150
And the external switch you are showing, is it a dumb switch or a managed switch? If managed, are any VLANs defined in it and is at least one trunk port configured?
It is managed no Vlans or trunk port configured. When I am trying to use same subnet in the LAN, internet is not working in External devices.. then no use of using VLAN hereAnd which hypervisor are you using? Is it ESXi, Hyper-V or something else?
Vmware workstation -
@johnpoz :
Thanks a ton johnpoz for your help and spending your valuable time to check the issue and provided the solution.....
Issue is resolved, I can able to access the internet from my external LAN devices through wifi and through switch as well...
(i) Issue is with pfsense in System => General Setup => DNS Server that was pointed to WAN_IP I have changed to none and added local DNS as well and it started working fine.
(ii) I have tried another way of using all interfaces to go through pfsense DNS of creating NAT port forward DNS 53 to 127.0.0.1 and solved the issue..
But (i) looks good and I have used that..
Thanks Once again !!!!
-
@DINU said in Firewall Rule to Allow RDP from WAN to LAN......Need help:
(i) Issue is with pfsense in System => General Setup => DNS Server that was pointed to WAN_IP I have changed to none and added local DNS as well and it started working fine.
Sorry but NO... That would have zero to do with it.. You would of gotten an answer from unbound if running.. What you put in general has ZERO to do with that unless you had changed it to forwarder?
And would of had zero to do with your client talking to 8.8.8.8 for dns.. So whatever you think the problem was - it sure wasn't that..
So your now redirecting dns?? I had asked you before if you were doing such thing.. Which sure that could of cause you all kinds of grief if that was setup wrong. Which you could of validated in like 2 seconds with as simple sniff that you could actually even talk to pfsense for dns.
-
@johnpoz said in Firewall Rule to Allow RDP from WAN to LAN......Need help:
Sorry but NO... That would have zero to do with it.. You would of gotten an answer from unbound if running.. What you put in general has ZERO to do with that unless you had changed it to forwarder?
And would of had zero to do with your client talking to 8.8.8.8 for dns.. So whatever you think the problem was - it sure wasn't that..
So your now redirecting dns?? I had asked you before if you were doing such thing.. Which sure that could of cause you all kinds of grief if that was setup wrong. Which you could of validated in like 2 seconds with as simple sniff that you could actually even talk to pfsense for dns.I went into deep dive and found the biggest culprit is SEP (Symantec Endpoint protection)....
If I enable firewall it is not allowing DNS , If i disable it is working...
In symantec in firewall it has to "Allow IP Traffic" not "Allow only application traffic" this SEP culprit made me mad...
Thanks Again...
