Netgate Discussion Forum

    Secondary subnet not able to access pfSense on LAN interface (DNS service)

      chris567

      Hi,
      I have a setup with 2 routers.
      pfSense is connected to internet router on WAN interface and to internal LAN on LAN interface.
      LAN subnet is 192.168.192.0/24

      I have a client on the 192.168.192.0/24 subnet. I'm able to https to pfSense (192.168.192.100) and use pfSense as the DNS resolver.

      But I have another router which is used for VPN access.
      VPN clients get an IP on the 192.168.0.0/24 subnet.

      They can reach the machines on the LAN subnet, but can't access the pfSense box (https/dns/ping).

      My main issue is that I want them to use the DNS of pfSense.
      If I point my VPN clients to another DNS on the LAN subnet it works, but this is the legacy DNS I want to replace with pfSense.

      So the question is: how can I access pfSense on the LAN interface from a different, secondary subnet?

      I have allowed any to access ports 443 and 53 on the LAN interface.

      I have also set, in System / Advanced / Firewall & NAT:
      Static route filtering: [X] Bypass firewall rules for traffic on the same interface

      Thank you for your help

        viragomann

        Add a static route for 192.168.0.0/24 pointing to the other router.

          chris567

          Thank you, it solved my issue.
          I'm surprised my legacy DNS server didn't need the static route as well.

            viragomann

            Me too. Maybe you have replaced the other router with pfSense, but the legacy DNS server still uses the old router as gateway?

              chris567

              You are right!
              Thank you.

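Added example, not part of the thread: a longest-prefix-match lookup showing where each box sends its reply to a VPN client, for pfSense without and with the static route and for the legacy DNS server. Only the two subnets come from the thread; the router, gateway and client addresses are constructed, and the legacy server's old router is assumed to know the way to the VPN subnet.

```python
import ipaddress

# From the thread: the VPN client subnet and the pfSense LAN subnet.
VPN_NET, LAN_NET = "192.168.0.0/24", "192.168.192.0/24"
# Constructed for this example (not in the thread):
VPN_ROUTER = "192.168.192.2"   # VPN router's address on the LAN
OLD_ROUTER = "192.168.192.1"   # legacy DNS server's default gateway
WAN_GW = "203.0.113.1"         # internet router on pfSense's WAN side
VPN_CLIENT = "192.168.0.50"    # a VPN client asking for DNS

# Route = (destination, next hop or None if directly connected, interface)
PFSENSE_BEFORE = [("0.0.0.0/0", WAN_GW, "WAN"), (LAN_NET, None, "LAN")]
PFSENSE_AFTER = PFSENSE_BEFORE + [(VPN_NET, VPN_ROUTER, "LAN")]
LEGACY_DNS = [("0.0.0.0/0", OLD_ROUTER, "LAN"), (LAN_NET, None, "LAN")]


def reply_route(routes, dst):
    """Longest-prefix match, as an IP stack does when it sends a reply."""
    addr = ipaddress.ip_address(dst)
    hits = [r for r in routes if addr in ipaddress.ip_network(r[0])]
    if not hits:
        return None  # no route at all: the reply is dropped locally
    _, hop, iface = max(hits, key=lambda r: ipaddress.ip_network(r[0]).prefixlen)
    # A directly connected destination is its own next hop.
    return (hop or dst, iface)


def explain(name, routes):
    hop, iface = reply_route(routes, VPN_CLIENT)
    if iface == "LAN":
        verdict = "stays on the LAN"
    else:
        verdict = "leaves via WAN, away from the VPN router"
    return f"{name}: reply to {VPN_CLIENT} -> next hop {hop} on {iface} ({verdict})"


if __name__ == "__main__":
    for name, table in [("pfSense, no static route", PFSENSE_BEFORE),
                        ("pfSense, static route added", PFSENSE_AFTER),
                        ("legacy DNS server", LEGACY_DNS)]:
        print(explain(name, table))
```

The request reaches pfSense in every case because the VPN router sits on the LAN; only the return path differs, which is why the firewall rules on ports 443 and 53 made no difference.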
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.