Not able to access the server



  • I have one server in my 'admin' vlan. Users in my 'admin' vlan can easily access that server. I have 15 more VLANs. Users in the rest of the VLANs are not able to access that server in the 'admin' vlan. Please help me.
    Thanks in advance.
    Surajit Chakraborty


  • Rebel Alliance Global Moderator

    So which direction are you going - what is your "admin" vlan the lan or this dbmslab?

    If you're trying to access something from lan - you're open any any tcp. So if you cannot access something via tcp from lan, then look to the end device you're trying to access: does it have a host firewall? Or is it not using pfsense as its gateway? Or maybe you're trying to access it via UDP?

    If you're trying to access from this dbmslab vlan to somewhere? You will need to validate devices are listed in your aliases, etc. And if they are, then see my comments about your lan and host firewall, etc.



  • @johnpoz The server is residing in my 'admin' vlan. It's another vlan like the other 18 vlans. I want to access the server from the other vlans. I am using TCP/UDP as the protocol from all the vlans. Since my server is in the 'admin' vlan, I am able to access the server from the 'admin' vlan easily. But from the other vlans I am not able to access it. And about the host, the firewall is off. I am getting the ping reply from the server when sitting in the same vlan. And the server is included in the aliases. I am submitting my LAN diagram also. Waiting for your help.


  • Rebel Alliance Global Moderator

    And what is the NOTICE warning you have - possible it didn't load your rules?

    So what vlan is this server in? Which vlan from this drawing 1, 2, 3, 4, 5 ? Where are you trying to access it from on what port? What is the source and destination IPs?

    You list 1 alias - which is what, your internalservers? What about the aliases you're using for source?

    Why are you blocking bogon on your local networks? How and the F could there ever be bogon as source from your own network?? Did you validate that rfc1918 is removed from bogon? Which it is normally a part of - pfsense is supposed to pull it out.

    But what version of pfsense are you running - that gui looks pretty dated..



  • @johnpoz
    The notice warning I am getting is 'The Site can't be reached 172.16.65.245 took too long to respond'.
    My server is in the 1st vlan and the vlan name is 'admin'. The admin vlan network is '172.16.65.0' and the server ip is 172.16.65.245
    My direction is towards 172.16.65.245, from any vlan.
    I am writing the rule in this manner, from any vlan:
    Action=Pass
    Interface=vlan name
    TCP/IP version=4
    Protocol=TCP/UDP [since download is related there]
    Source=any
    Destination=Choosing single host or alias, putting the alias name.
    Save and exit.
    By the by, I want to inform you that I am using version 2.2.3 of pfsense



  • @surajitit said in Not able to access the server:

    I am using 2.2.3 version of pfsense

    Keep in mind this doubles your problem.
    You could have a set-up problem between the VLAN settings on the pfSense side and the smart L2 switch,
    or
    you discovered a pfSense VLAN bug that was solved years ago ...

    @surajitit said in Not able to access the server:

    Destination=Choosing single host or alias, putting the alias name.

    That's the option's comment, what is the actual Destination?


  • Rebel Alliance Global Moderator

    2.2.3 is over 3 years old and a no longer supported version. You should be on 2.3.5 p2 if you don't want to move to the 2.4 line.

    Come back when you're on a currently supported version, if you are still having issues.
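
The bogon question raised earlier in the thread (is RFC 1918 space still in the bogon list that is blocked on local interfaces?) can be checked offline against an exported list. This is an added example, not code from any poster or from pfSense: the bogon entries are a constructed sample, the one-prefix-per-line format is an assumption, and only 172.16.65.0/24 comes from the thread.

```python
import ipaddress

# Constructed sample: an unfiltered bogon list that still carries RFC 1918 space.
RAW_BOGONS = """\
0.0.0.0/8
10.0.0.0/8
100.64.0.0/10
127.0.0.0/8
172.16.0.0/12
192.168.0.0/16
224.0.0.0/4   # multicast
"""

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_prefixes(text):
    """Parse one CIDR prefix per line, ignoring blanks and '#' comments."""
    nets = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            nets.append(ipaddress.ip_network(line, strict=False))
    return nets


def strip_rfc1918(bogons):
    """Drop every entry that lies inside RFC 1918 space."""
    return [b for b in bogons
            if not any(b.version == 4 and b.subnet_of(p) for p in RFC1918)]


def blocked_local_nets(bogons, local_nets):
    """Map each local network to the bogon entries that would match its hosts."""
    hits = {}
    for name, cidr in local_nets.items():
        net = ipaddress.ip_network(cidr)
        overlap = [str(b) for b in bogons
                   if b.version == net.version and b.overlaps(net)]
        if overlap:
            hits[name] = overlap
    return hits


# 'admin' is the network from the thread; 'client' is a constructed example VLAN.
LOCAL = {"admin": "172.16.65.0/24", "client": "172.16.70.0/24"}

if __name__ == "__main__":
    bogons = parse_prefixes(RAW_BOGONS)
    print("unfiltered:", blocked_local_nets(bogons, LOCAL))
    print("filtered:  ", blocked_local_nets(strip_rfc1918(bogons), LOCAL))
```

Any VLAN that shows up in the result has sources that a "block bogon networks" rule on that interface would drop before the pass rule is evaluated.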