Secondary subnet not able to access pfSense on LAN interface (DNS service)
I have a setup with 2 routers.
pfSense is connected to internet router on WAN interface and to internal LAN on LAN interface.
LAN subnet is 192.168.192.0/24
I have a client on the 192.168.192.0/24 subnet; I'm able to https to pfSense (192.168.192.100) and use pfSense as the DNS resolver.
But I have another router which is used for VPN access.
VPN clients get an IP on the 192.168.0.0/24 subnet.
They can reach the machines on the LAN subnet, but can't access the pfSense box (https/dns/ping).
My main issue is that I want them to use the DNS of pfSense.
If I point my VPN clients to another DNS on the LAN subnet it works, but this is the legacy DNS I want to replace with pfSense.
So the question is: how can I access pfSense on the LAN interface from a different secondary subnet?
I have allowed any to access ports 443 and 53 on the LAN interface.
I have also set, in System / Advanced / Firewall & NAT:
Static route filtering: [X] Bypass firewall rules for traffic on the same interface
Thank you for your help.
Add a static route for 192.168.0.0/24 pointing to the other router.
Thank you, it solved my issue.
I'm surprised my legacy DNS server didn't need the static route as well.
Me too. Maybe you have replaced the other router with pfSense, but the legacy DNS server still uses the old router as gateway?
You are right!
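The return-path behaviour discussed in this thread, as an added example that is not part of any post: a longest-prefix-match lookup over three routing tables shows why pfSense's replies to VPN clients left via WAN until the static route existed, and why the legacy DNS server worked without one. The VPN router's LAN address, the WAN gateway and the client address are constructed placeholders, since the thread does not give them.

```python
import ipaddress

# Constructed addresses (assumptions, not from the thread).
VPN_ROUTER = "192.168.192.254"   # LAN-side IP of the VPN router
WAN_GATEWAY = "203.0.113.1"      # pfSense's upstream gateway

def next_hop(routes, dst):
    """Longest-prefix match: return (gateway, interface) used to reach dst."""
    addr = ipaddress.ip_address(dst)
    matches = [(ipaddress.ip_network(net), gw, ifc)
               for net, gw, ifc in routes
               if addr in ipaddress.ip_network(net)]
    _, gw, ifc = max(matches, key=lambda m: m[0].prefixlen)
    return gw, ifc

def reply_path(routes, client, arrived_on):
    """Where a reply to `client` is sent, and whether it leaves on the
    interface the request arrived on (symmetric) or not."""
    gw, ifc = next_hop(routes, client)
    return {"gateway": gw, "interface": ifc, "symmetric": ifc == arrived_on}

# pfSense before the fix: connected LAN network plus a default route via WAN.
PFSENSE_BEFORE = [
    ("192.168.192.0/24", "on-link", "LAN"),
    ("0.0.0.0/0", WAN_GATEWAY, "WAN"),
]
# pfSense after adding the static route suggested in the answer.
PFSENSE_AFTER = PFSENSE_BEFORE + [("192.168.0.0/24", VPN_ROUTER, "LAN")]
# Legacy DNS server: its default gateway is still the other (VPN) router,
# so replies to VPN clients already go back the right way.
LEGACY_DNS = [
    ("192.168.192.0/24", "on-link", "LAN"),
    ("0.0.0.0/0", VPN_ROUTER, "LAN"),
]

if __name__ == "__main__":
    client = "192.168.0.50"  # constructed VPN client address
    for name, table in [("pfSense before", PFSENSE_BEFORE),
                        ("pfSense after", PFSENSE_AFTER),
                        ("legacy DNS", LEGACY_DNS)]:
        print(f"{name:15} -> {reply_path(table, client, arrived_on='LAN')}")
```
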