LAN devices cannot access devices that are in the same network as pfSense box.
-
Probably has something to do with the way rules on WAN use route-to and reply-to to ensure things go to and back to the gateway. It's unusual for such traffic to be necessary to devices on the WAN segment.
Or try adding a floating rule (out, quick, to the WAN subnet) to pass traffic out so it doesn't get route-to sending it via the gateway first.
-
@hackathy said in LAN devices cannot access devices that are in the same network as pfSense box.:
I have completely opened up the firewall to effectively be open on all types of connections to no improvement.
How exactly did you do that - so you turned off NAT? Out of the box pfsense would nat this traffic and clients on your lan talking to your would just look like pfsense wan IP talking to them.
If you're having issues, sounds like maybe you turned off nat and are trying to do downstream router and running into an asymmetrical routing problem?
Please give more detail of your configuration.
-
out of the box lan rules are ANY ANY anyway... Just post a screenshot of your rules!
-
Are you running some sort of vpn client setup?
Here is the thing out of the box rules on lan are any any... And pfsense will nat all from its lan to its wan IP.
So if your WAN network is 10.1.1.0/24 with pfsense wan IP being 10.1.1.1
And your lan network is 10.1.2/24 then all clients will look like they are 10.1.1.1 when they talk to your wan network, ie pfsense wan IP.
If I had to "GUESS" as to your problem, you're forcing traffic out some vpn gateway on your lan rules - which we would know if you could post a simple screenshot vs making gifs with zero information in them.
Other guess would be you have the wrong mask on your clients and they think that 10.1.1 is the same network as 10.1.2, say for example a /8, which is what windows would default the mask to, etc. etc. So how about you post up a config of your clients.. Show a traceroute to say 10.1.1.1 and one to 8.8.8.8
And post up a picture of your lan rules - and validate you're not using any sort of vpn, and/or are your clients pointing to any sort of proxy or using their own vpn client.
-
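The wrong-mask guess in the post above, worked through as an added example (not part of the original thread): it compares the forwarding decision a client makes with its configured prefix length against the decision it would make with the LAN's real one. The client address 10.1.2.50, the neighbour 10.1.2.20 and the pfSense LAN address 10.1.2.1 are constructed for illustration; the networks and the two test destinations come from the post.

```python
import ipaddress

def next_hop(client_ip, prefix_len, gateway, dest):
    """Mimic a host routing table: on-link destinations are ARPed for
    directly, everything else is handed to the default gateway."""
    iface = ipaddress.ip_interface(f"{client_ip}/{prefix_len}")
    if ipaddress.ip_address(gateway) not in iface.network:
        raise ValueError(f"gateway {gateway} is not on-link for {iface}")
    if ipaddress.ip_address(dest) in iface.network:
        return ("on-link", dest)
    return ("gateway", gateway)

def mask_mismatches(client_ip, configured_len, actual_len, gateway, dests):
    """Return destinations whose next hop differs between the configured
    mask and the mask the LAN really uses."""
    problems = []
    for dest in dests:
        have = next_hop(client_ip, configured_len, gateway, dest)
        want = next_hop(client_ip, actual_len, gateway, dest)
        if have != want:
            problems.append({"dest": dest, "configured": have, "correct": want})
    return problems

# Constructed sample: client on the 10.1.2.0/24 LAN that was given a /8 mask.
CLIENT = "10.1.2.50"       # assumption, not from the thread
LAN_GATEWAY = "10.1.2.1"   # assumed pfSense LAN address
DESTS = ["10.1.1.1", "10.1.2.20", "8.8.8.8"]

def diagnose():
    return mask_mismatches(CLIENT, 8, 24, LAN_GATEWAY, DESTS)

if __name__ == "__main__":
    for p in diagnose():
        print(f"{p['dest']}: client uses {p['configured']}, "
              f"should use {p['correct']}")
```

With a /8 the client ARPs for 10.1.1.1 on its own segment and never sends the packet to pfSense, while 8.8.8.8 still goes through the gateway, which is why the two traceroutes requested in the post separate this cause from a rules or NAT problem.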