VLAN cannot access private network behind another router

sho1sho1sho1

I have a private network behind my pfsense firewall.

Router WAN connected to pfsense VLAN 20, Route LAN is 10.0.0.0/8 private network.
-10.0.0.0/8 Private network
-VLAN 20 Gateway is 192.168.20.1
-router WAN IP is 192.168.20.11 dynamically assigned by pfsense VLAN 20 dhcp server
-router LAN IP is 10.0.0.1

I am trying to ssh server 10.0.0.198 but cannot get to the server.

On the router, I set NAT Virtual Server external IP 192.168.20.11 port 22 and internal IP 10.0.0.198 port 22.

ssh root@192.168.20.11 does not work.

I can ping 192.168.20.1 and 192.168.20.11. I can get to the router's webgui at 192.168.20.11. But somehow, the port forwarding is not working.

Does anyone have experiencing in setting this up before?

Thanks!

viragomann

@sho1sho1sho1
Possibly pfSense is listening on port 22.
Check the settings in System > Advanced > Admin Access > Secure Shell Server.

Maybe change either port.

johnpoz

@sho1sho1sho1 said in VLAN cannot access private network behind another router:

-router WAN IP is 192.168.20.11 dynamically assigned by pfsense VLAN 20 dhcp server
-router LAN IP is 10.0.0.1

So if your wan of pfsense is rfc1918 this 192.168.20 address. And you want to get to 10.0.0.x on pfsense lan, if pfsense is doing nat.. Yes you would have to setup a port forward.

Also you would have to disable the block rfc1918 rule on pfsense wan. This rule blocks source IPs of rfc1918, which I would assume your client your trying to ssh to this 10.box is on..