Problem with pfSense in virtual environment



  • I installed a micro lab in VirtualBox on my laptop for testing; the lab consists of a pfSense box, a Debian server and an Ubuntu client. My host machine is a laptop running Windows 10.

    The Debian and Ubuntu boxes have just 1 NIC (internal 192.168.1.x) and the pfSense has 3:
    1- Bridged (wan) 10.0.0.x (DHCP from my router)
    2- Internal (Lan1) 192.168.1.x
    3- Host only (opt1) 192.168.2.x

    The host machine has a 10.0.0.x IP from my router (DHCP).

    I can ping from any guest to my host machine 10.0.0.x and the main LAN 192.168.1.x. From my host machine I can ping the WAN interface of pfSense and I can access it via web browser (10.0.0.x), BUT I can't ping or access any machine in the internal network 192.168.1.x (Debian or Ubuntu) from my host, while at the same time I can ping the LAN1 interface 192.168.1.1 from the host (Windows 10 machine).

    At first I thought it was a firewall problem, because when I try to access the web interface of pfSense from my host machine on the LAN interface (192.168.1.1) it says connection rejected. But I created rules on every interface to allow all traffic and it is still not working.



  • @jenifermendonza said in Problem with pfSense in virtual environment:

    al switches that may or may not be connected to a physical NIC.
    You could now build this kind of architecture :
    phyNIC <-> vSwitch1 <-> pfsenseVM <-> vSwitch2 <-> other VMs
    Pretty simple to manage at this scale.
    Think about it the bridge is below the network stack for the laptop (os does not matter). The pfsense box has its own mac address. If you inspect the ISP router you should see both IP a

    Thanks for your answer, but that's not the case; maybe I didn't explain it right.

    I have my laptop (DHCP) 10.0.0.101 (Windows 10).
    On this I am running VirtualBox from Oracle with 3 boxes:

    Box 1- pfSense
    This has 3 interfaces (virtual):
    1- Bridged mode (DHCP) for WAN port 10.0.0.110
    2- Internal network LAN1 192.168.1.1 (running DHCP for the virtual internal network)
    3- Host only 192.168.2.1 (actually disabled)

    Box 2- Ubuntu 192.168.1.101 (Getting IP from DHCP)

    Box 3 - Debian 192.168.1.102 (Getting IP from DHCP)

    When I go to Box 2 or Box 3 and ping 10.0.0.1 (physical router) or my laptop 10.0.0.101, the ping is successful. The machines have internet normally. And I can access the pfSense box through 10.0.0.110 or 192.168.1.1.

    When I am on my laptop (Windows) 10.0.0.101 and ping 10.0.0.110 (WAN interface of pfSense), it is OK and I can access the web interface on this IP (10.0.0.110). If I ping 192.168.1.1 (LAN1 interface of the pfSense box) the ping is successful, but when I try to access the web interface the web browser says that the connection has been refused. If I try to ping any of my boxes, 192.168.1.101 or 102, the ping is unsuccessful.

    I really don't have any clue what it can be, because the ping is successful when going from virtual machine to real machine, but from real machine to virtual all the packets are dropped.


  • Netgate Administrator

    The question really is why you are able to ping the pfSense LAN IP from the host because I would not expect you to be able to.

    Do you have any port forwards configured? Static routing anywhere?

    Are you sure that's pfSense responding to the pings? Does it appear in the state table? If so on which interface?

    Steve



  • @stephenw10

    Yes, I'm really sure about that; I can ping from my Windows machine to 192.168.1.1 (LAN interface, virtual).
    I didn't configure any routing or port forwards, just added a firewall rule to allow all traffic on all interfaces (WAN and LAN).
    Yes, pfSense is responding. Where can I find that state table?