Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Static Route for other networks

    Scheduled Pinned Locked Moved NAT
    5 Posts 2 Posters 386 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • G
      Giovanni Silvestri
      last edited by

      Hi everyone,

      I am in a situation similar to that described at the following link: https://docs.netgate.com/pfsense/en/latest/book/routing/static-routes.html#figure-static-route-configuration

      alt text

      but with different IPs.

      The pfSense WAN (192.168.2.3) is connected to the Telecom modem (192.168.2.1)

      Downstream of the router I have the network (192.168.0.0/24) where there is the OpenVPN server (192.168.0.31).

      PROBLEM: I can't reach the internal server from the OpenVPN clients.

      I have the following WAN rule:
      alt text

      The following rule on the LAN:
      alt text

      Gateway:
      alt text

      and static route:
      alt text

      Can you give me some suggestions? Where am I doing wrong ?

      Regards
      Giovanni

      1 Reply Last reply Reply Quote 0
      • V
        viragomann
        last edited by

        Before adding rules you should check the Firewall Rules basics.

        In your LAN rule the source can't be the WAN address. It should be LAN net. The source port has to be any.

        Further the OpenVPN rule on WAN only makes sense if you're running an OpenVPN server on pfSense itself. However, as you stated, the only OpenVPN server is behind the other router.

        1 Reply Last reply Reply Quote 0
        • G
          Giovanni Silvestri
          last edited by

          Hi Viragomann

          Thanks for the quick reply.

          So, just to be clear, the rule on the WAN can be removed

          On the LAN I can leave the default rules ( not showed in the picture, but present ) and remove or in any case update the one posted accordingly to your suggestions.

          But, based on that, in any case I cannot reach the OpenVPN server.
          From Diagnostic --> Ping now i cannot ping the router (192.168.1.2)

          1 Reply Last reply Reply Quote 0
          • V
            viragomann
            last edited by

            If there is no OpenVPN serve running on pfSense you can remove the WAN rule.

            Consider that you also need a static route on the router for the network behind pfSense pointing to the pfSense WAN address.

            1 Reply Last reply Reply Quote 0
            • G
              Giovanni Silvestri
              last edited by

              Hi All,

              Issue fixed adding a NAT rule.

              alt text

              That automatically has updated the WAN:
              alt text

              regards
              Giovanni

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.