How to do Comunication between 2 networks
I have 2 internet ISP and both come in to pfsense. These accounts have the address
and my LAN is 10.0.0.0/24 LAN
Each network has a different NIC
My problem is that I cant comunicate from W1 or W2 to LAN . I addedd this rule for this
but doesnt work!!
If I do a ping since W2 to any host in the LAN doesnt work
What it is the rule thta I need to put ?
Firewall rules must be added to that interface, where the traffic is coming into pfSense.
So if you WAN to allow access from WAN2 you have to put this rule on WAN2.
However, not clear, which access you really want to allow here.
"WAN2_CENSOL net" is only the subnet which is defined on this interface, i.e. 192.168.1.0/24.
If you really want to allow access from this subnet only, but not from the whole internet, you also need to go to the interface settings and remove the check at "block private networks" if any, which is set by default on WAN interfaces.
The block is disable but if I try to ping from 192.168.1.2 to 10.0.0.109, the first IP is the local IP in this segment for PfSense, I cant, the ping never works.
I think I need this bc I am trying to do a port forward to 10.0.0.109 HTTPS and access it from internet but I cant do this yet
I did the port forward from ISP router to pFsense but now I need to go to webserver and I cant arrive to the webservice
For ping you have to allow ICMP. Your shown rule only covers TCP.
Accessing an IP behind pfSense does not require a port forwarding, just a proper pass rule to allow it.
Also consider that the destination device can block the access by its own internal firewall. So you possibly have to add a rule there as well.
the webserver doesnt have firewall, for now
the idea is can access from internet the webserver behind pfsense
I am looking for info about this topic and everybody tell me that I need to do a PortForward rule to pass traffic from
ISP router -> PfSense -> WebServer
ISP router -> PfSense -> WebServer
The question is, if the source address (which pfSense is seeing) is the ISP router or something in the internet.
Normally it should be the public IP of the client.
192.168.1.2 to 10.0.0.109
is different thing at all.
I said, there is no need for port forward pass traffic from one subnet, which is connected to pfSense to another, as you mentioned you cannot ping between these.
If you have enabled traffic forwarding to pfSense on the ISP router, the destination IP in the packets is the WAN IP of pfSense, but not the IP of the device behind. In this case you have to forward the traffic on pfSense as well.
But this is not, what you requested before.
Maybe you can give more details about your setup and what you try to achieve.
I need to do this call https://myserver.com:8443/script.php, this server is behind PfSense
To get this I did this
ISP Router -> PfSense -> WebServer
I did a POrtforward into ISP router and put the port 8443 point to 443 in the pfsense Server until now this works bc when I call https://myserver.com:8443 I get the PfSense GUI so this PortForward is working bc is coming to PfSense.
Now I need to go through pfSense and arrive to webserver that is not pfSense
for this i did this
CReate a Rule in pFsense NAT
WAN2_Censol is the interface for come in the traffic so I am trying to redirect that traffic to server 10.0.0.109 port 443
My PfSense has 3 NIC
1-WAN1 - 192.168.0.2
2- WAN2 - 192.168.1.2
3- LAN - 10.0.0.2
LOCAL IP for ISP router 192.168.1.1
These are the rules in the WAN2 interface
The last rule is automatic when I do the NAT
So finally the need is can access to webserver using 8443 port that is 10.0.0.109 but from internet https://myserver.com:8443
https://myserver.com:8443 if I do now works showing me pfsense GUI.
I think that because the server is on another network, which is not WAN2 but LAN, it cannot reach since there is no communication between these two subnets, that is, if I give a ping from 192.168.1.2 to 10.0.0.109 the ping does not work although there is a rule that says that traffic coming from WAN2 can reach the LAN
Really this should be so easy but I cant solve this I suppose must be my errror but I dont know where , I have done all that for getting a webserver behind PfSense but nothing works
I hope this be enought to understand the scenario
All clear now.
I see this issue:
On the ISP router, you forwarded traffic on port 8443 to <pfSenseWAN2>:443
On pfSense forwarded traffic from WAN2:8843 to <weberver>:443
But pfSense doesn't get the packets on port 8443, but on 443. So you need to change the destination port in the forwarding to 443.
You should also change the WebGUI port to anything else. You can do this in System > Administration.