    Allowing traffic between several networks

      bitsrunner

      I'm setting up a pfSense firewall for the first time. I'm going to have 4 or 5 networks in the office that I want to have specific access to specific resources.

      I've got the firewall set up and working, have access to the internet on the interfaces, and have the DHCP server running, but I cannot get access to the OPT2 interface from the LAN interface. I specifically need access to only 1 IP address on the OPT2 interface (it's an intranet webserver that runs a PHP/MySQL app).

      Using the PING tool from the console of the server and from the WebGUI I can access (ping) the host on my OPT2 interface. So I'm sure it's a firewalling rule somewhere that I'm lacking.

      I have a rule on the OPT2 firewall saying any traffic from any source going to 192.168.0.66 (the IP of my PHP/MySQL server) allow. But to no avail?

      Is there something I'm doing wrong? This is something pfSense should be able to accomplish, correct? Or am I missing something simple?

        jahonix

        @bitsrunner:

        … access to the OPT2 Interface ...
        ... rule on the OPT2 firewall saying allow any traffic from any source going to the IP of my server)...

        On the OPT2 rules tab you define which traffic originating from OPT2 network is allowed and where to.
        To access OPT2 from LAN you have to create a rule on the LAN tab. Similar for your other interfaces.

        Rules on an interface are always and only defined for traffic INTO your pfSense box.

          bitsrunner

          Thanks for the fast response, Chris.

          I've added a rule on the LAN tab that allows access from the LAN interface to OPT2. I've tried it with several configurations, allowing access to a specific IP and allowing access to the entire subnet; neither way seemed to work. Any suggestions, anyone? Thanks again in advance!

            GruensFroeschli

            Can you show screenshots of your rules?
            Sometimes people confuse the "OPT1 interface" with the "OPT1 subnet" choice in the dropdown for the firewall.

            We do what we must, because we can.

            Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

              bitsrunner

              This is the most recent set of rules. 192.168.0.66 was the OPT2 host I am trying to connect to; that didn't seem to work either.

              rules.jpg

                bitsrunner

                This is another configuration I tried, as well as my OPT2 interface rules…

                rules2.jpg
                rules3.jpg

                  bitsrunner

                  I solved the issues: incorrect default gateway setting on the host box I was trying to access. Thanks again for all the help.
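
Added example, not written by any poster in this thread: a simplified Python model of the two things the thread turns on, namely that a rule is only evaluated on the tab of the interface the packet enters on, and that the server's reply must return through pfSense. The LAN subnet, the pfSense OPT2 address, the client and the wrong gateway are constructed values; only 192.168.0.66 comes from the thread, and floating rules and state tracking are left out.

```python
import ipaddress as ip

# Constructed addressing; only 192.168.0.66 appears in the thread.
LAN_NET = ip.ip_network("192.168.1.0/24")
OPT2_NET = ip.ip_network("192.168.0.0/24")
PFSENSE_OPT2 = ip.ip_address("192.168.0.1")
SERVER = "192.168.0.66"

# Rule sets keyed by interface tab, as in the pfSense GUI (simplified model).
OPT2_TAB_ONLY = {"OPT2": [("pass", "0.0.0.0/0", "192.168.0.66/32")]}
LAN_TAB = {"LAN": [("pass", "192.168.1.0/24", "192.168.0.66/32")]}

def ingress_tab(src):
    """Tab whose rules are evaluated: the interface the packet enters on."""
    src = ip.ip_address(src)
    return "LAN" if src in LAN_NET else "OPT2" if src in OPT2_NET else "WAN"

def firewall_allows(rules, src, dst):
    """First matching rule on the ingress tab decides; no match means block."""
    for action, rule_src, rule_dst in rules.get(ingress_tab(src), []):
        if (ip.ip_address(src) in ip.ip_network(rule_src)
                and ip.ip_address(dst) in ip.ip_network(rule_dst)):
            return action == "pass"
    return False

def reply_next_hop(host_gateway, reply_dst):
    """The server replies directly to on-link peers, else via its default gateway."""
    reply_dst = ip.ip_address(reply_dst)
    return reply_dst if reply_dst in OPT2_NET else ip.ip_address(host_gateway)

def reachable(rules, src, host_gateway):
    """True if the request gets in and the reply finds its way back."""
    if ip.ip_address(src) == PFSENSE_OPT2:
        return True  # ping from the firewall itself: on-link, no tab rule or gateway needed
    return (firewall_allows(rules, src, SERVER)
            and reply_next_hop(host_gateway, src) == PFSENSE_OPT2)

if __name__ == "__main__":
    client = "192.168.1.10"  # constructed LAN client
    print(firewall_allows(OPT2_TAB_ONLY, client, SERVER))
    print(reachable(LAN_TAB, client, "192.168.0.254"))  # wrong gateway
    print(reachable(LAN_TAB, client, "192.168.0.1"))    # corrected gateway
```

The model also shows why the ping from the firewall succeeded while LAN clients failed: the firewall's OPT2 address is on the server's own subnet, so that reply never uses the server's default gateway.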
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.