Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Multiple interfaces and PING issues

    Scheduled Pinned Locked Moved Firewalling
    5 Posts 3 Posters 538 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E
      eelaideee
      last edited by

      Pfsense got 2 LAN interfaces,
      Interfaces 1 - 192.168.10.1
      Interfaces 2 - 192.168.20.1

      PC1 - 192.168.10.11 linked to Interfaces 1
      PC2 - 192.168.10.12 linked to Interfaces 1

      PC3 - 192.168.20.111 linked to Interfaces 2

      PC1 and PC2 can PING each others, but PC3 unable to PING PC1 and PC2, only when PC1 or PC2 disable it's Windows's firewall, then just can PING it success.

      How can I PING or access PC1 or PC2 without turn off it's Windows's firewall?

      Thank you for who can help me.
      networksEx.jpg
      networksEx.jpg_thumb

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        @eelaideee:

        only when PC1 or PC2 disable it's Windows's firewall, then just can PING it success.

        So obviously it's an issue of Windows firewall.

        @eelaideee:

        How can I PING or access PC1 or PC2 without turn off it's Windows's firewall?

        Allow access from 192.168.20.1/? in the Windows firewall.

        1 Reply Last reply Reply Quote 0
        • H
          Harvy66
          last edited by

          I think the default for Windows is to block nearly all incoming traffic from outside of the local subnet.

          1 Reply Last reply Reply Quote 0
          • E
            eelaideee
            last edited by

            @viragomann:

            @eelaideee:

            only when PC1 or PC2 disable it's Windows's firewall, then just can PING it success.

            So obviously it's an issue of Windows firewall.

            @eelaideee:

            How can I PING or access PC1 or PC2 without turn off it's Windows's firewall?

            Allow access from 192.168.20.1/? in the Windows firewall.

            It is because of the some devices such as printer, door access controller plugged to different subnet, PC unable to access it through different subnet, and the devices also can't change any setting like Windows firewall, so I looking is it got any solution on that.

            1 Reply Last reply Reply Quote 0
            • V
              viragomann
              last edited by

              Aside from the sysem firewall only the missing of gateway setting on a device can cause that it isn't possible to access from other subnets.

              The Windows firewall can be modified to allow access from other subnets if needed. Firewall > Advanced Settings > Inbound rules. You can add rules there and set the remote IP ranges which it should match to.

              For devices without the ability to set a gateway (also to outfox Windows firewalls ;)) you can set an outbound NAT rule to masquerade the original source address as a workaround. Firewall > NAT > Outbound
              The outbound NAT has to be switched to hybrid or manual mode.
              Then add a new rule, set the interface to that one the concerned device is attached to, at source enter the other subnet, at translation select "interface address".
              If that rule should only match to a couple of devices you can put these in an alias and use that one at destination instead of any.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.