Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Need routing help

    Scheduled Pinned Locked Moved Routing and Multi WAN
    6 Posts 2 Posters 716 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • V
      veldthui
      last edited by

      New to pfSense so need a bit of help.
      My setup is attached. Not the total but the affected bits. My issues is the PC2 can ping PC1 no problem at all and can use explorer to open shared drives on PC1.

      I cannot however get PC1 to see PC2 at all. Cannot ping anything on the 192.168.1.0 subnet. Assume it is a routing issue so added a route on PC1 using "route add 192.168.1.0 mask 255.255.255.0 192.168.0.14" given that the *.14 is the WAN side of pfSense. Still getting nothing.

      The 192.168.0.0 side is the WAN interface of the pfSense and the 192.168.1.0 is the LAN side.

      Can anyone please help as it is the only part I have not got working yet.

      Network.JPG_thumb
      Network.JPG

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        In the pfSense WAN interface settings you have to remove the check at "Block private networks".
        Also you have to add a firewall rule to WAN interface to permit the access from 192.168.0.0/24.
        Consider that such a rule also open up access from outside if your internet route forwards traffic to pfSense and if it does NAT on incoming traffic how some routers do by default. So best practice is to shut off NAT on incoming packets.

        1 Reply Last reply Reply Quote 0
        • V
          veldthui
          last edited by

          I already had removed the check from "Block Private Networks" and I though the rule I had should have done it. I have included the rule below and I thought that this should do it or do I have to be more specific?

          Rules.JPG
          Rules.JPG_thumb

          1 Reply Last reply Reply Quote 0
          • V
            viragomann
            last edited by

            This rule allows only TCP protocol. To enable pings, you have also to allow ICMP.

            1 Reply Last reply Reply Quote 0
            • V
              veldthui
              last edited by

              Okay thanks I overlooked that part. Put it in and I can now ping 192.168.1.1 from 192.168.0.11. I still cannot ping 192.168.1.10 which is the ftp server Filezilla is on (Windows 10 machine). Maybe a Windows 10 firewall rule but I can ping all my other Windows 10 machines okay on the 192.168.0.0 subnet. I can however access the FTP server now so that is what I was after so I am good to go.

              Thanks for the help

              1 Reply Last reply Reply Quote 0
              • V
                viragomann
                last edited by

                Yes, the Windows Firewall blocks access from other network segments by default.

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.