Routing problem with fresh install of 2.3 version
-
Hi All,
this is my first installation of pfSense (version 2.3). I am using a hardware with 3 NICs. I want to use pfSense as a firewall only beside my cable router (FritzBox). Here is a picture:
Cable Router (FritzBox) –- pfSense ----------------- LAN
192.168.140.1/22 192.168.140.100/ 192.168.4.x/22
192.168.4.1For the tests I have disabled firewall and outbound NAT. So in fact pfSense is working only as a router between 192.168.140.x/22 and 192.168.4.x/22 networks.
I have defined WAN as 192.168.140.100 static IP. Then I have set LAN with static IP 192.168.4.1 and DHCP server. (I have disabled OPT 1 interface.) I have also defined a default gateway on WAN interface to 192.168.140.1 (static IP of my cable router).
In this configuration I can not get an access to Internet from my LAN. I have checked with "ping" and I can see, that I can't go to the cable router. These are my tests on a DHCP client (192.168.4.41) from pfSense LAN network:
a) Ping from DHCP client to pfSense (ping 192.168.4.1) works.
b) Ping from DHCP client to WAN interface of pfSense (ping 192.168.140.100) works.
c) Ping from DHCP client to cable modem (ping 192.168.140.1) doesn't work.If I connect with a DHCP client "between" cable modem and pfSense using the network 192.168.140.x, then I can ping both pfSense and cable modem.
Apparently this is an error in my gateway / routing configuration. But I could not find any error. Today I have also updated to 2.3_1 version, but it didn't help.
I have tried to enable firewall but it didn't help. So I have again disabled it.
Any idea?
Thanks in advance
-
With this setup there is a route necessary on the cable router to direct packets for the LAN subnet to pfSense WAN address.
Another option is to re-enable NAT on pfSense and do double NAT.
-
Thank's a lot! Your advice has resolved my problem.