Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    New pfsense setup (RDP)

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    18 Posts 6 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • I
      iAsk
      last edited by iAsk

      Hello

      I have installed pfsense on our home network, just want to try things out.

      so the setup is my main modem to the pfsense then to a switch to the devices.
      The pfsense has a static IP address (assign by the modem) of 192.168.1.15 (WAN side of pfsense)
      then the pfsense local IP is 192.168.100.1, dhcp starts on 192.168.100.5 to 192.168.100.200 .

      I have a server which is connected to the switch with an ip address assigned by the pfsense dhcp.
      (as of now the file server is on 192.168.100.5)

      I cannot RDP into it nor ping any devices that is on the LAN.

      My firewalls rules are all default (Scratch from the fresh install) . My computer is on the same lan as well as the other devices. Oh the only thing I change is from AUTO NAT to Manual NAT

      I think this can be configured thru the firewall and port forwarding?, I know this would be easy to you guys, just a newbie here.

      RDP was working fine before the pfsense, so I'm missing something.

      Thanks in advanced.

      1 Reply Last reply Reply Quote 0
      • N
        netblues
        last edited by

        PF has nothing to do (and no way to control) access to your rdp host from your pc.
        You have some switch issue, or the rdp host has a firewall which blocks everything.
        Research the issue elsewhere. Even if pf was switched off or disconnected it would still make no difference

        1 Reply Last reply Reply Quote 0
        • I
          iAsk
          last edited by iAsk

          Hello

          As I told you before, RDP connection was fine before pfsense was installed, I can use rdp through lan, same setup just remove the pfsense. Window server has firewall turn off, i haven't even touch that.

          1 Reply Last reply Reply Quote 0
          • N
            netblues
            last edited by

            I insist, look elsewhere.
            To begin with, having a server being assigned ip address via dhcp is usually a bad idea, unless there are reasons for that.
            Pf is at the network edge
            Your pc and server are on the same lan
            Your pc locates the ip of the server via arp and lan switch does the rest
            Pf has no idea on that whatsoever.
            Put a static ip on the server
            make sure firewall is off and reboot
            This is windows, Rebooting is needed by design ๐Ÿท

            I 1 Reply Last reply Reply Quote 0
            • I
              iAsk @netblues
              last edited by

              @netblues Okay, Will do that and check.
              One thing that concerns me is that I have also an AP with a static IP address.. i can't even access that nor ping thru my pc.

              1 Reply Last reply Reply Quote 0
              • N
                netblues
                last edited by

                Recheck ip addreses, subnets
                Use static for your pc and server and see if it works.
                And post dhcp configuration from pf

                I 1 Reply Last reply Reply Quote 0
                • I
                  iAsk @netblues
                  last edited by

                  @netblues

                  7fe1a846-f5a7-4aed-8204-ccd96c3255b2-image.png

                  7248b7e0-3815-4b00-9439-0ce6d6de3221-image.png

                  1 Reply Last reply Reply Quote 0
                  • N
                    netblues
                    last edited by

                    Well I don't see the gateway option, but still even if it was wrong/missing you would have no internet But rdp would work.
                    In any case, dhcp is ok for what you are experiencing.
                    The curlpit is elsewhere.

                    I 1 Reply Last reply Reply Quote 0
                    • I
                      iAsk @netblues
                      last edited by

                      @netblues
                      fc1bf5dc-af40-4857-9673-ebd2503ce155-image.png

                      I did not assign a gateway to the lan as it said there, maybe I was wrong, should I add it?

                      1 Reply Last reply Reply Quote 0
                      • N
                        netblues
                        last edited by netblues

                        Not that gateway. The dhcp assigned gw to the clients
                        You must NOT assign a gateway on your lan interface whatsoever.
                        But solve the rdp issue. It is not pf related

                        1 Reply Last reply Reply Quote 0
                        • chpalmerC
                          chpalmer
                          last edited by

                          Have you rebooted the switch? That would be the only other thing besides your client machines that could be causing your issue.

                          Triggering snowflakes one by one..
                          Intel(R) Core(TM) i5-4590T CPU @ 2.00GHz on an M400 WG box.

                          1 Reply Last reply Reply Quote 0
                          • B
                            benman
                            last edited by

                            Do you have port forwarding set up. I had to forward port 80 and 443 to my windows server to use Remote Desktop and Anywhere access.

                            N 1 Reply Last reply Reply Quote 0
                            • jahonixJ
                              jahonix
                              last edited by

                              You do NOT want RDP from public internet forwarded to your server.
                              https://forum.netgate.com/topic/143948/more-details-about-bluekeep-the-microsoft-rdp-vulnerability

                              Microsoft has finally acknowledged flaws in the RDP implementation and NSA is begging admins to at least install all current patches.
                              The question is not if your server gets owned but when (hours or days).

                              Only way to play RDP safely is by a VPN to your pfSense.

                              1 Reply Last reply Reply Quote 1
                              • N
                                netblues @benman
                                last edited by

                                @benman said in New pfsense setup (RDP):

                                Do you have port forwarding set up. I had to forward port 80 and 443 to my windows server to use Remote Desktop and Anywhere access.

                                Gentlemen.. WHAT are you TALKING about?
                                This is a same subnet connectivity issue.
                                Why on earth would anyone need to port forward, and more specifically 80 and 443 for rdp in any scenario?

                                1 Reply Last reply Reply Quote 0
                                • JeGrJ
                                  JeGr LAYER 8 Moderator
                                  last edited by

                                  @netblues said in New pfsense setup (RDP):

                                  @benman said in New pfsense setup (RDP):

                                  Do you have port forwarding set up. I had to forward port 80 and 443 to my windows server to use Remote Desktop and Anywhere access.

                                  Gentlemen.. WHAT are you TALKING about?
                                  This is a same subnet connectivity issue.
                                  Why on earth would anyone need to port forward, and more specifically 80 and 443 for rdp in any scenario?

                                  I was asking that myself. Also I'm worried about

                                  @iAsk said in New pfsense setup (RDP):

                                  One thing that concerns me is that I have also an AP with a static IP address.. i can't even access that nor ping thru my pc.

                                  as that sounds pretty much like a LAN side issue to me. Switch+AP+Server+Client - IF are in the same network 192.168.100.x like above - should have no problem seeing each other. Otherwise that's a switch/IP problem on that network. Nothing to do with pfSense so far but with networking/cabling problems AFAIR.

                                  Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

                                  If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

                                  B 1 Reply Last reply Reply Quote 0
                                  • jahonixJ
                                    jahonix
                                    last edited by

                                    I was referring to the fact that it worked before dropping in a router. Connecting host to host on the same broadcast domain must work, that traffic never reaches the router.

                                    Two possible scenarios:

                                    • access through the router
                                    • layer8 problem and setup is messed up.

                                    Maybe I interpreted too much in user's abilities.

                                    @iAsk: can you post a schematic of your network layout, please. That would take the guesswork out.

                                    1 Reply Last reply Reply Quote 0
                                    • B
                                      benman @JeGr
                                      last edited by

                                      @JeGr Apologies, I was half asleep when I was replying to this, I was thinking about anywhere access and getting all the Remote Desktop settings from the Server Website.

                                      JeGrJ 1 Reply Last reply Reply Quote 0
                                      • JeGrJ
                                        JeGr LAYER 8 Moderator @benman
                                        last edited by

                                        @benman No offense taken - just curious :)

                                        Don't forget to upvote ๐Ÿ‘ those who kindly offered their time and brainpower to help you!

                                        If you're interested, I'm available to discuss details of German-speaking paid support (for companies) if needed.

                                        1 Reply Last reply Reply Quote 0
                                        • First post
                                          Last post
                                        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.