Static Route for other networks
I am in a situation similar to that described at the following link: https://docs.netgate.com/pfsense/en/latest/book/routing/static-routes.html#figure-static-route-configuration
but with different IPs.
The pfSense WAN (192.168.2.3) is connected to the Telecom modem (192.168.2.1)
Downstream of the router I have the network (192.168.0.0/24) where there is the OpenVPN server (192.168.0.31).
PROBLEM: I can't reach the internal server from the OpenVPN clients.
I have the following WAN rule:
The following rule on the LAN:
and static route:
Can you give me some suggestions? Where am I doing wrong ?
Before adding rules you should check the Firewall Rules basics.
In your LAN rule the source can't be the WAN address. It should be LAN net. The source port has to be any.
Further the OpenVPN rule on WAN only makes sense if you're running an OpenVPN server on pfSense itself. However, as you stated, the only OpenVPN server is behind the other router.
Thanks for the quick reply.
So, just to be clear, the rule on the WAN can be removed
On the LAN I can leave the default rules ( not showed in the picture, but present ) and remove or in any case update the one posted accordingly to your suggestions.
But, based on that, in any case I cannot reach the OpenVPN server.
From Diagnostic --> Ping now i cannot ping the router (192.168.1.2)
If there is no OpenVPN serve running on pfSense you can remove the WAN rule.
Consider that you also need a static route on the router for the network behind pfSense pointing to the pfSense WAN address.
Issue fixed adding a NAT rule.
That automatically has updated the WAN: