Allowing ping from WAN to LAN and vice versa



  • I'm sure this is very simple, however I am a second year networking student working on my final project and this is my first time using pfsense, so any guidance would be appreciated! Thanks

    All of this is being done in a virtual environment. I do not know what the back end "connections" look like, especially regarding the Cloud/WAN environment. Here's my topology

    I have a LAN connected to a WAN via pfsense firewall.

    WAN interface IP is 195.168.0.1
    LAN interface IP is 192.168.0.254

    Prior to this step, I set up a PPTP VPN as per my instructions. This VPN seems to be working fine, as I can connect to it via one of my WAN clients.

    The last thing I'm supposed to do for this phase is add rules to allow ping from LAN to WAN and vice versa.

    So I navigated to Firewall > Rules.

    Under WAN I added a rule to allow ICMP from any source, to any destination.

    I did the same thing under LAN.

    And to be safe, the same thing under my VPN.

    I clicked apply. I then went to a client on my LAN and a client on my WAN to test ping. I can ping to the appropriate default gateways of course, but not to the other side. (Windows = LAN, Ubuntu = WAN)

    I didn't even bother to try to ping each client since I can't even get past the router anyway.

    So what did I do wrong lol.

    NAT has not been set up at all, that is part of the next "phase" for my project, so I haven't even touched NAT settings. Cursory searches for similar issues point to NAT issues, but yeah. Am I not gonna be able to ping until after NAT is set up regardless or what?

    Any direction, reading material, etc. would be nice. Again, I'm a student so please be patient with me. Thanks :]


  • LAYER 8 Global Moderator

    "I set up a PPTP VPN as per my instructions. "

    WTF??  So are you taking a 10 year old class or something?  PPTP has been DEAD for 5 years.. ;)

    So your not natting?  Out of the box pfsense will nat.. So allowing ping on your wan not going to do much trying to ping stuff behind the nat.



  • @johnpoz:

    "I set up a PPTP VPN as per my instructions. "

    WTF??  So are you taking a 10 year old class or something?  PPTP has been DEAD for 5 years.. ;)

    So your not natting?  Out of the box pfsense will nat.. So allowing ping on your wan not going to do much trying to ping stuff behind the nat.

    Yeah idk, they said for simplicity to set up a PPTP VPN lol. Prior to this I had only ever learned about VPNs through Cisco, with PPP being one of the things we focused on IIRC. I guess they didn't wanna confuse us too much? I was talking to my buddy about it too and he was like "Uh why are they having you use PPTP? OpenVPN is so much better." Part of me wanted to try OpenVPN just because of that, but I guess I'll have to play around with it some other time because I've run out of time for this project.

    As for the NAT, oye. Okay. Its just confusing not knowing some of the backend stuff going on here. I swear when I went to my NAT settings it said nothing was configured at all though…


Log in to reply