Allow LAN
-
Hi,
i have a problem with my pfsense.
My network:
WAN - pppoe
LAN - 10.10.10.0.24
DHCP is from pfsenseHardware:
pfsense with 2 network (1 WAN + 1 LAN)
LAN conected into switch (no management)on Switch i have multiple ports up
Everything works ok, i have internet on all equipments.
Now:
i add an Wifi AP into switch (Deco M4 - no isolation)
i connect a some devices and i can reach internet (works ok)
for this i added a rule into Firewall/Rules/LAN to Pass eevryhing from LAN to ANY with TCP Flags (any flags) and State Type - SloppyProblem:
Everything from Wifi is not reachable from LANWhat rules i need to add or what i need to do for this to work ?
Thank you !
Florin -
@flcaza traffic between devices on the same network do not go through pfsense. You not being able to talk to wireless devices from your lan would have nothing to do with pfsense.
You sure your M4 system isn't doing nat? And while you think your on the same network - the m4 is actually natting between the lan its network. Even if the networks are the same 10.10.10
-
@johnpoz M4 system is in AP mode, i do not think he is doing NAT.
Why ?
from pfsense ping is working ok
PING 10.10.10.131 (10.10.10.131): 56 data bytes
64 bytes from 10.10.10.131: icmp_seq=0 ttl=64 time=2.099 ms
64 bytes from 10.10.10.131: icmp_seq=1 ttl=64 time=2.712 ms
64 bytes from 10.10.10.131: icmp_seq=2 ttl=64 time=2.228 msfrom my pc is not
C:\Users\flcaza>ping 10.10.10.131
Pinging 10.10.10.131 with 32 bytes of data:
Reply from 10.10.10.254: Destination host unreachable.
Reply from 10.10.10.254: Destination host unreachable.Same with telnet, from pfsense is working from my pc is not
Port test to host: 10.10.10.131 Port: 34567 successful.C:\Users\flcaza>telnet 10.10.10.131 34567
Connecting To 10.10.10.131...Could not open connection to the host, on port 34567: Connect failedMy pc is in same switch with M4
-
@flcaza and again pfsense has zero to do with client A talking to client B on the same network..
Do you have a bridge setup on pfsense? Where the AP is on one side of the bridge, and your client your trying to ping from is on the other?
If not then pfsense has zero clue to that traffic..,
If you have client A on 10.10.10.x/24 and client B on 10.10.10.y/24 when client A wants to talk to B they arp - and ask hey who has IP address 10.10.10.y, this device would then answer with hey my mac address is abc.. And client A would send the the traffic to that mac.. Pfsense, ie the router to get offer the 10.10.10 network has zero to do with that.. Zero..
Do you have a mask mismatch where client A thinks this device B is on a different network?
Reply from 10.10.10.254: Destination host unreachable.
That points to mismatch - because a client on network A talking to different client on network A would never ever send the traffic to the router (pfsense)..
-
Hi @johnpoz,
Thank you for your patience. Issue was solved. How ? i put openwrt on DecoM4 and now is working.
I do not know why was working from pfsense and not from lan, but as is working now i suppose is was from M4.
Thanks!
Florin
