Netgate Discussion Forum

    Connection problems with WAN Network

    • ClepToManix

      Hello @ all,

      I have installed pfSense on an old Terra Black Dwarf to trial pfSense.
      Before I installed pfSense I had a Sophos installed.
      My pfSense has the basic configuration.
      My problem is that I cannot access the WAN network from the LAN network. I have tested it with an any any any rule on both interfaces (WAN and LAN).
      My network configuration:
      Router/FritzBox : 10.0.0.1
      WAN pfSense : 10.0.0.2
      LAN pfSense: 192.168.150.1

      The pfSense has a connection to the internet because I have installed one package.
      From the WAN network I can ping and access the WAN interface of the pfSense.

      Hope anyone can help me ^^
      And sorry for my bad english :D

      I attach 3 images of my firewall rules



      • Alesk13Fr

        Hi,

        I'm not sure I understand your need. You want to access the Internet from the LAN subnet?

        If I'm right, I need to see your WAN configuration; you probably have not set a gateway on your interface (WAN).

        Where do you come from (first language)?

        Best regards,
        Alex.

        • johnpoz LAYER 8 Global Moderator

          What are you trying to access on your WAN network? Where do the devices on that network point for their gateway? Did you disable NAT? Yeah, kind of need to see your WAN connection setup; it points to 10.0.0.1 for its gateway? You have no gateway on your LAN, do you?

          Also, all those rules you added on your LAN are completely pointless.

          You put an any any on your WAN - that is just a BAD BAD BAD BAD idea.

          An intelligent man is sometimes forced to be drunk to spend time with his fools
          If you get confused: Listen to the Music Play
          Please don't Chat/PM me for help, unless mod related
          SG-4860 24.11 | Lab VMs 2.8, 24.11

          • Derelict LAYER 8 Netgate

            And I see lots of rules that are TCP-only. Ping is not TCP, it is ICMP.

            Too many mistakes there to enumerate. Since you are so early in the process I would probably factory reset and start over.

            Accessing WAN from LAN is not governed by rules on WAN, but on LAN, and the default rules allow it, so you were adding horribly open rules, reducing your security for zero gain in solving the problem at hand.

            If you do not see the packets in question blocked in Status > System Logs, Firewall, adding a rule generally will not help.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

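Added example, not part of the original thread and not Netgate's code: a small audit over the rules in a pfSense configuration backup that flags the two mistakes the replies point out, a pass rule from any to any on WAN and TCP-only pass rules that will never match ping (ICMP). The XML layout, the finding labels and the sample rules are constructed assumptions modeled on pfSense's config.xml.

```python
import xml.etree.ElementTree as ET

# Constructed sample in the layout of a pfSense config.xml <filter> section
# (assumed schema; not the poster's actual configuration).
SAMPLE_CONFIG = """<pfsense><filter>
  <rule><type>pass</type><interface>wan</interface><ipprotocol>inet</ipprotocol>
    <source><any/></source><destination><any/></destination>
    <descr>any any on WAN</descr></rule>
  <rule><type>pass</type><interface>lan</interface><ipprotocol>inet</ipprotocol>
    <protocol>tcp</protocol>
    <source><network>lan</network></source><destination><any/></destination>
    <descr>LAN to any, TCP only</descr></rule>
  <rule><type>pass</type><interface>lan</interface><ipprotocol>inet</ipprotocol>
    <source><network>lan</network></source><destination><any/></destination>
    <descr>Default allow LAN to any rule</descr></rule>
</filter></pfsense>"""


def _is_any(rule, side):
    """True when the rule's <source> or <destination> holds an <any/> element."""
    node = rule.find(side)
    return node is not None and node.find("any") is not None


def audit_rules(config_xml):
    """Return (interface, description, finding) for each risky or ineffective rule."""
    findings = []
    for rule in ET.fromstring(config_xml).iterfind("./filter/rule"):
        # Only enabled pass rules can open access; skip block/reject and disabled.
        if rule.findtext("type") != "pass" or rule.find("disabled") is not None:
            continue
        iface = rule.findtext("interface", "")
        descr = rule.findtext("descr", "")
        proto = rule.findtext("protocol")  # element absent means any protocol
        # Inbound any-to-any on WAN exposes the firewall and everything behind it.
        if iface == "wan" and _is_any(rule, "source") and _is_any(rule, "destination"):
            findings.append((iface, descr, "open-wan"))
        # A TCP-only pass rule does not match ICMP, so ping is not allowed by it.
        if proto == "tcp" and _is_any(rule, "destination"):
            findings.append((iface, descr, "tcp-only"))
    return findings


if __name__ == "__main__":
    for iface, descr, finding in audit_rules(SAMPLE_CONFIG):
        print(f"{iface:4} {finding:9} {descr}")
```

The third sample rule, the default "allow LAN to any" with no protocol restriction, produces no finding, which matches the point that the default LAN rules already permit LAN-to-WAN traffic.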
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.