Netgate Discussion Forum

    Newbie question

    Routing and Multi WAN
    • srikanthkaushik

      I've just recently started experimenting with pfSense. I have a Proxmox server which is running a few VMs (see picture), including pfSense in a VM.
      [Image: Proxmox Pfsense.jpg]

      I have a couple of questions based on my observations below.

      1. app4d (192.168.1.100) and app5d (192.168.1.101) can ping each other using domain names - app4d.home.tdomain & app5d.home.tdomain - This works
      2. app4d and app5d can ping pfsense.home.tdomain (192.168.1.1)
      3. app1d cannot ping 192.168.7.214
      4. dev laptop (192.168.7.50) cannot ping 192.168.7.214

      Is it possible to expose the pfSense DNS resolver externally so that app1d / dev laptop can interface with app4d / app5d using FQDN? If not, is it possible to set up certain routes for traffic to flow from the 192.168.7.x network to the 192.168.1.x network? Is this even a valid scenario I'm trying to solve?

      Thanks in Advance!

      • SteveITS Galactic Empire @srikanthkaushik

        @srikanthkaushik If pfSense is directly connected to those networks, there is no need for custom routing. However, all interfaces (except LAN) default to no firewall rules... so all traffic is blocked. Sounds like you need to add rules to each interface to allow traffic to the 192.168.1.1 network, and to the pfSense interface IP port 53 (TCP+UDP) for DNS.

        Pinging or any connection on the same network doesn't go through pfSense.

        Pre-2.7.2/23.09: Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to restart, or more depending on packages and device speed.
        Upvote 👍 helpful posts!

        • srikanthkaushik @SteveITS

          @steveits Thank you. I will continue digging into the configurations to see where I'm going wrong.

          • Myster_fr

            Hi,

            One reco regarding your pfSense VM settings in Proxmox: I'd recommend disabling the Proxmox firewall from this VM's interfaces, as it might interfere with the rules you'll set in pfSense.

            For instance, if you allow some traffic on the pfSense interface, but did not also allow it on the Proxmox firewall for the VM, then you might run into trouble.

            As pfSense is a firewall, there's no point in enabling Proxmox's filtering on top of it 😉

            In addition, if the 192.168.7.214 interface is the "outside" (WAN) interface of your firewall, all incoming traffic is discarded by default; you'll have to define explicit rules allowing ICMP, for instance, for your tests.

            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.