Ping machines behind pfsense VM router which is behind home router (dd-wrt)



  • I have a small ESXi-based home lab with a complete domain environment for development. I had a dd-wrt VM router for this internal lab, which is behind my wireless router (DLINK 868L), which is also DD-wrt jailbroken.

    Recently, because of some load balancing requirements, I removed my dd-wrt VM from the internal lab and replaced it with the latest pfSense CE VM.

    The problem is that I am not able to ping from my laptop (on the home router) to a machine behind the pfSense virtual router. It was somewhat easy in dd-wrt and worked great.

    The setup is a simple router behind a router.

    Home Router 192.168.0.5 (advanced routing set as gateway)
    pfSense VM 192.168.0.6 -> 10.0.10.1

    The problem is, for example, pinging the DC in the home lab, which is the domain controller and also the DNS server, or pinging a laptop on the home network from this DC. It worked great with 1ms on the dd-wrt router but not from pfSense. I can't find the article which I used to set up the pair of dd-wrt routers, but it was with advanced routing and maybe with setting a firewall command in the home router as
    iptables -t nat -I POSTROUTING -o `get_wanface` -j SNAT --to `nvram get wan_ipaddr`

    For dd-wrt, I used one simple article about setting up the home router dd-wrt with advanced routing to be used as gateway


    I am not an advanced network professional and can't figure out how to fix it, even by searching online.

    Thank you in advance for help...



  • Well, first off, pfSense blocks everything coming in to WAN by default, so unless you add a NAT rule to pass through those ICMP packets, nothing will happen. Plus, the Block Private Networks setting will prevent WAN from responding to any private IP traffic unless you remove that restriction.
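
An added example, not part of the thread: a small audit of a pfSense config.xml backup for the two WAN conditions named in the reply above (Block Private Networks, and no rule admitting the ICMP traffic). The element names follow the config.xml layout as assumed here, the sample config is constructed, and the laptop address 192.168.0.20 is hypothetical.

```python
import ipaddress
import xml.etree.ElementTree as ET

# Constructed sample (not from the thread): trimmed config.xml with Block
# Private Networks enabled on WAN and one ICMP pass rule for 192.168.0.0/24.
SAMPLE = """<pfsense>
  <interfaces>
    <wan><if>vmx0</if><ipaddr>192.168.0.6</ipaddr><subnet>24</subnet><blockpriv/></wan>
    <lan><if>vmx1</if><ipaddr>10.0.10.1</ipaddr><subnet>24</subnet></lan>
  </interfaces>
  <filter>
    <rule><type>pass</type><interface>wan</interface><protocol>icmp</protocol>
      <source><address>192.168.0.0/24</address></source>
      <destination><any/></destination></rule>
  </filter>
</pfsense>"""

# Only the RFC 1918 ranges are checked for the Block Private Networks test.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def source_matches(rule, ip):
    src = rule.find("source")
    if src is None or src.find("any") is not None:
        return True
    addr = src.findtext("address")
    if not addr:
        return False  # aliases and interface macros are not resolved here
    try:
        return ip in ipaddress.ip_network(addr, strict=False)
    except ValueError:
        return False

def wan_ping_blockers(config_xml, src_ip):
    """Return the reasons an ICMP packet from src_ip would be dropped on WAN."""
    root = ET.fromstring(config_xml)
    ip = ipaddress.ip_address(src_ip)
    reasons = []
    if root.find("interfaces/wan/blockpriv") is not None and any(ip in n for n in RFC1918):
        reasons.append("Block Private Networks is enabled on WAN")
    passes = [r for r in root.findall("filter/rule")
              if r.findtext("type") == "pass" and r.findtext("interface") == "wan"
              and r.find("disabled") is None
              and r.findtext("protocol") in (None, "icmp")  # no protocol = any
              and source_matches(r, ip)]
    if not passes:
        reasons.append("no enabled WAN pass rule matches ICMP from " + src_ip)
    return reasons

if __name__ == "__main__":
    print(wan_ping_blockers(SAMPLE, "192.168.0.20"))
```

An empty list means neither condition applies to that source address. Scoping the pass rule's source to the home subnet, as in the sample, keeps the WAN closed to everything else.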