Can't access other LAN



  • Hi

    I have a couple of internal LAN's.

    Now MODEM is the last one I added. It looks like this:

    Fritzbox (Manual IP 10.2.0.1 Subnet 255.0.0.0 no DHCP) -> Pfsense

    Pfsense also used this fysical direct connection for the PPPoE.

    There are two connections in the pFsense: the link to the FritzBox modem (it's a router with DHCP off and PPPoE from Pfsense) and the other one to a switch with VLAN's.

    Now I can do a ping to 10.2.0.1 from pfsense, but not from 10.0.0.X (LAN network).
    How is this possible? No strange things in the firewall logs.


    ![Interface MODEM.png](/public/imported_attachments/1/Interface MODEM.png)
    ![Interface MODEM.png_thumb](/public/imported_attachments/1/Interface MODEM.png_thumb)






  • LAYER 8 Global Moderator

    " Subnet 255.0.0.0"

    That says 10.anything is here.. So how could another interface be 10.0… That is same network when you use a mask of 255.0.0.0 ie /8



  • Yes I know. I tried it with 255.255.255.0 before, but I thought maybe the FritzBox router filters some requests. So then I changed it to a wider range to be sure. Both 255.255.255.0 and the current one give the same result.



  • In pfsense and all other clients all is /24.



  • Any tips in debugging this?  :(



  • Have you set it up as described here: https://doc.pfsense.org/index.php/Accessing_modem_from_inside_firewall
    ?

    Check the part of Outbound NAT. You need a rule for the MODEM interface for accessing the FB.



  • Cool, there is actually a HOWTO for this!
    The "Configure a new Interface" part I had right but I didn't know about the "Configure NAT" part.
    The information in it is a bit outdated, I selected Hybrid instead and now it's working!

    ![2017-01-11 15_39_13-Program Manager.png](/public/imported_attachments/1/2017-01-11 15_39_13-Program Manager.png)
    ![2017-01-11 15_39_13-Program Manager.png_thumb](/public/imported_attachments/1/2017-01-11 15_39_13-Program Manager.png_thumb)


Log in to reply