LAN to WAN NAT

BryBry

Hi folks,

Fairly new to PFSENSE/Networking in general and was hoping someone could advise here. :)

Not sure if this is entirely possible, but;

I am currently setting up a virtual LAN, connected to a PFSense firewall/router with a external IP.
I am trying to get workstations on the LAN IP's to go through PFSense's public IP for internet access.
Every time I attempt to set this up, I run into issues, eventually lose my patience and give up, cannot seem to work out how to do this.

I am currently running a server on Win10Pro with HyperVisor;
PFSense is connected to both an external virtual switch with the public IP, as well as the internal virtual switch used by the workstations, and configured with the IP 192.168.1.1.
Workstations are only connected to the internal virtual switch and are only configured on the 192.168.1.x range.
I want to have all LAN IP's on the range 192.168.1.x to route through the firewall using its external IP address so that I can access the internet from a workstation, showing up as the IP of the firewall.

If someone could point me in the direction of a guide, or run me through how to configure this, it would be much appreciated.

Thanks!

GruensFroeschli

The configuration you describe is what pfSense defaults to after the initial setup.

Did you do any configuration changes after the initial setup?

BryBry

@GruensFroeschli

I can access the firewall from the workstation, but I cannot access the internet from the workstation.

For example:
Firewall: 192.168.1.1 & External IP
Workstation: 192.168.1.2

I can login to the workstation, and access the webGUI of the PFSENSE system by going to my browser and searching 192.168.1.1.
However I cannot go through the firewall, and to the web.
The PFSENSE external and internal IP both ping.

I have not made any changes to the firewall since installation. (deleted all the rules I made when previously attempted to set this up)

Thanks.

GruensFroeschli

Did you set the WAN address statically?
Did you configure a default gateway?

BryBry

@GruensFroeschli

Please see the attached images for the workstation and PFSENSE LAN config.

The PFSENSE external IP is set to static and the gateway is specified.

Thanks,

BryBry

I have absolutely no idea how I fixed it, but I started setting up a AD DS & DNS server on the workstation, and it now appears to be able to ping.

If you would have any idea how this fixed it, Im all ears, otherwise, thanks for the help. :)

johnpoz

Not sure what you did wrong.. But this what pfsense does out of the box there is almost zero configuration needed.

But from you posted client config I can tell why "internet' wouldn't work in that setup - is you have NO dns… So how would the client look up www.google.com for example

BryBry

I can understand your concern regarding DNS, but it couldn't access any network, and was not able to ping IPs directly.

Might just be a case of end user stupidity, and in deleting and re-entering some IP's, I might have fixed the issue.

Thanks,

viragomann

Your pfSense has internet access? You can verify this at the dashboard in the Version section. If it is able to search for updates, it has access to the internet.

If pfSense has internet access, do your LAN rules also allow access to the clients?