Pfsense block ICMP echo reply from WAN to OPT1
-
well if you want to access from rfc1918 to networks behind pfsense via your going to have to remove that rfc1918 block for starters.
If you want to use pfsense as a downstream network from your cisco then there should be a transit network and nat should only happen then talking to the internet and your cisco should nat all your downstream networks, etc.
Or you should just double nat everything behind pfsense, etc.
Why are you using vlan 10? Are you setting the vlans up in pfsense - what does your vswitch/port group do with the vlan(s) what do you have set on this port group, etc. etc..
But you do NOT put the same network on multiple interfaces... And if your wanting to nat from rfc1918 to rfc1918 you going to have to remove that rfc1918 block.
-
-
I tried to disable the blocking of rfc1918 but here is the error message:
-
Dude why do you have so many physical interfaces?
And you firewall 2 with how many interfaces? All in the same network?
Then you have all of those same interfaces in firewall 2 also in vlan port group..
Yeah that screams a MESS!!
And yeah told you pfsense shouldn't even let you put overlapping networks on multiple interfaces!!
-
I guess you already have a working LAN adapter on pfsense and OPT1 is your additional lan network.
if that is the case then please create a new firewall rule to allow packets to pass(which you told you created already) and then in your newly created firewall rule , try changing/selecting the protocols which should be set as any by default).
