Port forwarding from Local network connected to WAN of PFsense
I hope someone can give me some advice around setting up Pfsense to allow me to port forward from my local network to the Pfsense router on the WAN directly. Even to ping the Pfsense router would be a step closer from the main local subnet.
I have tested and confirmed that if I port forward from my main router to the Pfsense router WAN, I can then for example SSH from my public address it works fine.
I also have the issue of not being about to ping my Pfsense router from my local subnet e.g from a iMac on 192.168.1.10 and my Pfsense WAN setup on 192.168.1.100 ( I get timeout for all requests). I dont think its firewall for the ping as I setup in the firewall rules to pass ICMP on WAN.
For info - I can ping all main local subnet IP from Pfsense without any issues.
Please see attached for my drawing of my network, apologies I am not a network engineer if i am asking any dumb questions.
All of my main LAN clients are mainly on DHCP with the exception of a couple of static IP.
All of the Pfsense LAN clients are on DHCP and all fine without any issues.
As a work around i could port forward from my main router to Pfsense but i would rather minimise external access into my network.
The issue was due to blocking private networks on the WAN interface.
I disabled the Block private network under Reserved networks and everything is working as expected now.
Hope this helps anyone else that experiences a similar problem.