Static Route for other networks



  • Hi everyone,

    I am in a situation similar to that described at the following link: https://docs.netgate.com/pfsense/en/latest/book/routing/static-routes.html#figure-static-route-configuration

    alt text

    but with different IPs.

    The pfSense WAN (192.168.2.3) is connected to the Telecom modem (192.168.2.1)

    Downstream of the router I have the network (192.168.0.0/24) where there is the OpenVPN server (192.168.0.31).

    PROBLEM: I can't reach the internal server from the OpenVPN clients.

    I have the following WAN rule:
    alt text

    The following rule on the LAN:
    alt text

    Gateway:
    alt text

    and static route:
    alt text

    Can you give me some suggestions? Where am I doing wrong ?

    Regards
    Giovanni



  • Before adding rules you should check the Firewall Rules basics.

    In your LAN rule the source can't be the WAN address. It should be LAN net. The source port has to be any.

    Further the OpenVPN rule on WAN only makes sense if you're running an OpenVPN server on pfSense itself. However, as you stated, the only OpenVPN server is behind the other router.



  • Hi Viragomann

    Thanks for the quick reply.

    So, just to be clear, the rule on the WAN can be removed

    On the LAN I can leave the default rules ( not showed in the picture, but present ) and remove or in any case update the one posted accordingly to your suggestions.

    But, based on that, in any case I cannot reach the OpenVPN server.
    From Diagnostic --> Ping now i cannot ping the router (192.168.1.2)



  • If there is no OpenVPN serve running on pfSense you can remove the WAN rule.

    Consider that you also need a static route on the router for the network behind pfSense pointing to the pfSense WAN address.



  • Hi All,

    Issue fixed adding a NAT rule.

    alt text

    That automatically has updated the WAN:
    alt text

    regards
    Giovanni


Log in to reply