Access device connected to 2nd router behind pfsense
-
@Drunk3nSlang said in Access device connected to 2nd router behind pfsense:
My problem is I can't SSH to a device connected to the router from 10.0.0.0 or my DDNS.
You will need to add a static route on the device in 10.0.0.0 for the network behind the router pointing to 10.0.0.4.
As well you need to add a static route to pfSense to get access from outside.
-
@viragomann could you please elaborate. I've tried every combination I could think of and still can't get it to work.
-
I would expect his dd-wrt is doing NAT... So no he wouldn't need to route.. Only if its just routing and not natting would he need to setup any routing or a gateway.
If that is the case then he is going to run into asymmetrical routing more than likely because his transit this 10.0.0 network has hosts on it.. If you going to use a downstream router then you need a actual transit network.
-
@johnpoz yes I have double Nat. I'm running a skyminer behind the second router and want it to be separate from my home network.
-
And your pfSense has only two network interfaces available and you have no VLAN capable switch?
-
This post is deleted! -
@viragomann said in Access device connected to 2nd router behind pfsense:
And your pfSense has only two network interfaces available and you have no VLAN capable switch?
Yes I wish I would have bought a double nic card. I think I can do VLAN on the ddwrt
-
Well if your doublenatting to get to stuff behind the dd-wrt you would need to setup port forwarding on the dd-wrt and hit the wan IP of dd-wrt to get forwarded.. There is zero to do on pfsense for such a setup to work.
-
@johnpoz I tried that. My problem is I have pfsense tunneling the static IP of the ddwrt through expressvpn. Port forwarding works as long as I'm not tunneling. Maybe the VPN is enough to isolate skyminer traffic from my home network and I can just use the ddwrt as a switch?
The skyminer acts as it's own VPN that ppl can tunnel through so I need to tunnel its traffic so it's not coming from my ip
-
@johnpoz FML thanks for your help. I didn't click the enable check box on the port forward on the wrt.