IPSEC on pfSense VM using single LAN port - no internet access after connecting



  • Hi all,

    I've got a non-standard pfSense setup, and I'm hoping the community can point me in the right direction.

    My LAN is set up as such:

    Internet --> Cable Modem --> Netgear Router providing NAT and DHCP --> pfSense virtual machine

    The pfSense virtual machine has two virtual network ports, but both are tied to the same physical port.

    WAN in pfSense is set to DHCP and receives a static IP of 192.168.10.210 from my Netgear Router. Port forwarding from the Netgear router passes VPN traffic to 192.168.10.210.

    LAN in pfSense is set to manual, 192.168.10.2.

    IPSEC hands out addresses in 10.10.10.0/24.
    IPSEC provides DNS of 8.8.8.8 and 8.8.4.4.
    Since the WAN is also part of my internal network, I have the firewall wide open (pass all traffic on all ports).

    I'm able to connect remotely, and can access local network hosts, but I cannot get out to the internet when connected to the VPN. I don't believe it is a DNS issue as I cannot reach internet sites using their raw IP address.

    Outbound NAT rules are auto-generated and seem to be correct.

    Any ideas? Thanks in advance! I'd post screenshots but I made a change to my config that broke my connection and I'm not home to fix it :D Can add those later if they will be helpful.



  • OK, fixed it - for anyone else trying a setup like this, the key for me was to set the Local Network setting to WAN network instead of LAN network, and to set NAT/BINAT to "none."

    Working like a champ now!

