Strange routing issue
-
Hi, new pfSense user here, so I suspect I am doing something dumb, so apologies in advance!
I am trying to set up the following:
I would like:
- Trusted devices to be able to access the untrusted devices (IoT mostly) and the internet.
- Guest to only access internet
- Untrusted to be able to access nothing.
My current issue seems to be routing based, as I am able to ping from a laptop on the trusted VLAN to another on the untrusted and vice versa but get no response. On both devices Windows is set to allow pings (confirmed working both ways when on the same network).
I suspect I am missing something obvious so would appreciate some pointers!
-
pfSense must be the default gateway on all devices, of course.
@michaeljones32 said in Strange routing issue:
Windows is set to allow pings (confirmed working both ways when on the same network)
That would be the point. The Windows firewall allows the ping when the source is on the same subnet, but doesn't if the source is outside.
You can simply test that on pfSense directly using the Ping tool from the Diagnostic menu.
Enter the IP of the Windows machine you want to check and hit ping. You should get responses.
Then select another interface from the "Source address" drop-down and try again. pfSense now uses the IP of the selected interface as source.
Do you still get a response now?
-
Yes, you are absolutely right! I never realised Windows had this limitation. I have just tested with Linux on a live USB and it works! Thanks so much!
-
@michaeljones32 said in Strange routing issue:
I never realised Windows had this limitation.
You can allow access from outside its subnet by adding a rule to the Windows firewall.
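
The firewall rule mentioned in the last reply, as an added example that is not part of the original thread: it lists the remote-address scope of the built-in inbound echo-request rules, then adds an allow rule limited to one subnet instead of opening ICMP to every source. The subnet `192.168.10.0/24`, the rule name, the Private profile and the English rule display names are assumptions.

```powershell
# Run in an elevated PowerShell session on the Windows machine being pinged.
# Assumption: 192.168.10.0/24 is a placeholder for the trusted VLAN's subnet.
$TrustedSubnet = '192.168.10.0/24'
$RuleName      = 'Allow ICMPv4 echo from trusted VLAN'   # hypothetical name

# Show the scope of the enabled inbound echo-request rules. A RemoteAddress of
# LocalSubnet explains why same-subnet pings work and routed pings do not.
Get-NetFirewallRule -Direction Inbound -Enabled True |
    Where-Object { $_.DisplayName -like '*Echo Request - ICMPv4-In*' } |
    ForEach-Object {
        $addr = $_ | Get-NetFirewallAddressFilter
        [pscustomobject]@{
            Rule          = $_.DisplayName
            Profile       = $_.Profile
            RemoteAddress = $addr.RemoteAddress -join ','
        }
    } | Format-Table -AutoSize

# Add an allow rule for ICMPv4 echo requests (type 8) scoped to the trusted
# subnet only, rather than widening the built-in rule to any source.
# Assumption: the connection uses the Private profile; adjust -Profile if not.
if (-not (Get-NetFirewallRule -DisplayName $RuleName -ErrorAction SilentlyContinue)) {
    New-NetFirewallRule -DisplayName $RuleName `
        -Direction Inbound -Action Allow `
        -Protocol ICMPv4 -IcmpType 8 `
        -RemoteAddress $TrustedSubnet `
        -Profile Private | Out-Null
}

# Confirm the scope of the new rule.
Get-NetFirewallRule -DisplayName $RuleName |
    Get-NetFirewallAddressFilter |
    Select-Object RemoteAddress
```

Re-running the pfSense Ping test with the trusted interface as "Source address" should then get replies, while a source on any other subnet still gets none.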