Troubleshooting new pfsense 2.5.0 installation
-
Hello, I am writing because in our office we installed a new computer with pfsense 2.5.0 in order to remotely access one of our networks through OpenVPN.
The installation had no problems, the 2 network cards were configured (one with public ip, the other with private ip). It can be accessed through the OpenVPN tunnel without inconvenience. So far it would seem that everything should work.
The connection diagram is as follows.
The problem arises when pinging between the different boards (WAN and LAN) and from the equipment in the internal network to the outside.
It should be noted that the IP addresses of the WAN board and the equipment with public IP belong to the same range.
From the graphical interface of pfsense, entering the diagnostic menu ---> ping, localhost, OpenVPN server and LAN were selected as the source, then pings to different destinations. The selected source and the results of the ping to the various destinations are summarized below.
- Origin localhost
Pings towards
a) WAN board with public ip (xxx.xxx.xxx.10) - Ok
b) LAN board (192.168.200.248) - Ok
c) computer with public ip (xxx.xxx.xxx.20) - Ok
d) computer with internal ip (192.168.200.200) - Ok
- Origin OpenVPN server
Pings towards
a) WAN board with public ip (xxx.xxx.xxx.10) - Ok
b) LAN board (192.168.200.248) - Ok
c) computer with public ip (xxx.xxx.xxx.20) - Ok
d) computer with internal ip (192.168.200.200) - Ok
- LAN source
Pings towards
a) WAN board with public ip (xxx.xxx.xxx.10) - Ok
b) LAN board (192.168.200.248) - Ok
c) equipment with public ip (xxx.xxx.xxx.20) - [No response]
d) computer with internal ip (192.168.200.200) - Ok
Then from the internal network equipment with IP 192.168.200.200, the following verifications were made:
Pings towards
a) WAN board with public ip (xxx.xxx.xxx.10) - [No response]
b) LAN board (192.168.200.248) - Ok
c) equipment with public ip (xxx.xxx.xxx.20) - [No response]
d) computer with internal ip (192.168.200.200) - Ok
In the firewall rules, all traffic was allowed from any source from the LAN card to the WAN, but as observed, it is impossible to connect from the internal equipment to the WAN card and to the external equipment with ip of the same range as that of the WAN board.
We have another pfsense that serves another WAN card with three internal networks connected and it works perfectly. I even tried to replicate firewall rules from this one to the new one, but without result.
I would need you to tell me what the error may be that does not allow connecting the internal equipment with the external one that belongs to the same IP range as the WAN card.
I have attached an image of the installation schematic for clarity.
Thanks for the suggestions you can give me.
-
This device:
the x.x.x.10 and x.x.x.20 are switched together?
If so, can you connect to the GUI of that device from the LAN of pfSense?
Or routed? The device doesn't route x.x.x.10 to x.x.x.20 (?)
-
@gertjan said in Troubleshooting new pfsense 2.5.0 installation:
the x.x.x.10 and x.x.x.20 are switched together
Yes, both are switched together