Cannot ping LAN interface

hindersahtarra

I cannot ping from DESKTOP(192.168.1.10) to my LAPTOP(192.168.20.10).
My DESKTOP(192.168.1.10) also cannot ping pfsense LAN ADDRESS(192.168.20.1).
My desktop can only ping as far as pfsense WAN ADDRESS(192.168.2.1).
In the other hand my LAPTOP(192.168.20.10) has no trouble ping my DESKTOP(192.168.1.10).
I already open my firewall to pass all incoming traffic both on WAN and on LAN.
pfSense ver2.4.5

Please help and guide me.
Thank you very much

JKnott

@hindersahtarra

Why do you have both pfSense and the Linksys router? You're double NATing. You also have the desktop and pfSense on different subnets,

hindersahtarra

Unfortunately I can't physically get access to both the modem and the router, I only have access to Wi-Fi sginal and one ethernet cabel coming out of the router. Is there any documentation about double NATing? or I need to stay away from double NAT and use bridge mode instead?

DaddyGo

there is nothing left, but to go forward

in turn you drew nicely:

https://docs.netgate.com/pfsense/en/latest/book/routing/static-routes.html
https://forum.netgate.com/topic/154139/routing-for-dual-pfsense-routers

dual-NAT is not good, only the original issue PING will be solved with the above

edit: if you can't access the original CPE (modem) physically, it will be difficult, but yes bridge-mode is the best you can do to avoid dual-NAT

edit: (somehow the Linksys should also be removed from the "image" in the case of the bridge)

hindersahtarra

Thank you for the advice. I will try my best to avoid dual-NAT, but there is no harm to at least give it a try

JKnott

@hindersahtarra

What is the purpose of pfSense in your network? Do you need additional firewall between the Linksys router and the laptop? Also, does that Linksys actually provide different subnets?

hindersahtarra

@JKnott
Main purpose of the pfSense is to get better control/logging over the traffic between Desktop and Laptop. Considering this old linksys only have some kind of a basic firewall, it would be nice if pfSense can give additional firewall feature.
Linksys only provide 1 subnet. The LAN side of the pfSense configured to be different subnet as the linksys.

JKnott

@hindersahtarra said in Cannot ping LAN interface:

Linksys only provide 1 subnet. The LAN side of the pfSense configured to be different subnet as the linksys.

You have the desktop and WAN side of pfSense on different subnets, even though they both appear to be connected to the Linksys.