  I am a first-time user of this software and hope to get some help ...

    home network ( with unifi router between cox to home ( - home network gw)
    two hyper-v hosts, each with 2 NICs, one of the NICs dedicated to hyper-v guests (virtual switch) with VLAN tagging turned on, VLAN1 (10.1.1.x), VLAN2 (10.2.2.x)
    cisco gs350 managed switch with ports 7/8 configured as trunk - plugged into the hyper-v dedicated NIC, port 1 (VLAN1) connected to home network switch
    before introducing pfsense, VMs inside both hosts can talk to each other within their VLAN but cannot communicate across VLANs

    • installed pfsense in a VM with 2 virtual NICs, one tagged to VLAN1 (hn0), another tagged VLAN2 (hn1)
      in the setup, select hn0 as wan, give it with upstream gateway, hn1 as LAN, give it
      [after this default setup, I am able to ping any hosts in 10.1.1.x from 10.2.2.x, also able to manage pfsense using web interface only using, but from any PC in 10.1.1.x, I cannot even ping, of course not anything from 10.2.2.x]
      .... looks like one direction routing
      I googled and tried to disable the firewall and NAT - this broke almost all so I have to revert it back, I also added firewall rules in WAN to allow anything to pass ...

    You understand pfsense would be natting, right, and all unsolicited inbound traffic on its wan, yes, would be blocked. If you want to allow ping to pfsense wan, then you would have to create a rule.

    Also if you're going to be pinging from rfc1918 as your source, you would have to remove the block rfc1918 rule.

    Here this allows ping to pfsense WAN ip
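
The reply above describes three behaviours on the WAN side: replies to LAN-initiated traffic come back in, unsolicited inbound is blocked, and a pass rule is not enough while the block rfc1918 rule is still active. The following is an added example, not part of the thread and not pfSense code: a simplified Python model of that evaluation order, with constructed addresses because the thread elides the real ones.

```python
import ipaddress

# Constructed addresses: the thread elides the real ones.
WAN_IP = ipaddress.ip_address("10.1.1.50")    # pfSense hn0 (WAN, VLAN1)
VLAN1_PC = ipaddress.ip_address("10.1.1.20")  # PC on the WAN side
VLAN2_PC = ipaddress.ip_address("10.2.2.10")  # PC on the LAN side (hn1, VLAN2)

RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

class WanFilter:
    # Toy model of inbound filtering on the WAN interface (an assumption
    # made for illustration, not the real rule engine).
    def __init__(self, block_private=True, pass_rules=()):
        self.block_private = block_private   # the "block rfc1918" rule
        self.pass_rules = list(pass_rules)   # (proto, destination) pairs
        self.states = set()                  # flows opened from the LAN side

    def lan_initiates(self, proto, lan_src, dst):
        # Outbound NAT: the peer sees WAN_IP instead of lan_src, and a
        # state entry lets the reply back in without any WAN rule.
        self.states.add((proto, dst, WAN_IP))
        return WAN_IP

    def inbound(self, proto, src, dst):
        if (proto, src, dst) in self.states:
            return "pass: reply to existing state"
        if self.block_private and any(src in net for net in RFC1918):
            return "block: rfc1918 source"
        if (proto, dst) in self.pass_rules:
            return "pass: WAN rule"
        return "block: default deny"

def demo():
    ping_wan = ("icmp", WAN_IP)              # rule: allow ping to the WAN address
    default = WanFilter()
    default.lan_initiates("icmp", VLAN2_PC, VLAN1_PC)
    rule_only = WanFilter(pass_rules=[ping_wan])
    fixed = WanFilter(block_private=False, pass_rules=[ping_wan])
    return {
        "reply_to_lan_ping": default.inbound("icmp", VLAN1_PC, WAN_IP),
        "unsolicited_default": default.inbound("tcp", VLAN1_PC, WAN_IP),
        "rule_but_rfc1918_blocked": rule_only.inbound("icmp", VLAN1_PC, WAN_IP),
        "rule_and_rfc1918_removed": fixed.inbound("icmp", VLAN1_PC, WAN_IP),
        "ping_to_lan_host": fixed.inbound("icmp", VLAN1_PC, VLAN2_PC),
    }

if __name__ == "__main__":
    for case, verdict in demo().items():
        print(f"{case}: {verdict}")
```

The last case shows that a rule whose destination is the WAN address matches only that address; traffic addressed to a 10.2.2.x host is evaluated separately.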

  • Thank you so much, johnpoz!!!
    after adding that rule I am able to ping (wan address) ...
    routing still not happening ... what do I need to do to allow pc in 10.1.1.x to ping pc in 10.2.2.x?

