Netgate Discussion Forum

    Firewall rules for double NAT

      bohaman

      Hello, I'm currently running into an issue, and I hope someone could help point me in the right direction.

      Simple connection for my network: 5G modem (OpenWrt) 192.168.10.1 > (192.168.10.15) pfSense 192.168.11.x > Switch (MikroTik) 192.168.11.x > Router (MikroTik) 192.168.11.x > End devices 192.168.11.x.

      I'm trying to set up WireGuard and followed the instructions to set the WAN and LAN rules for WireGuard. However, I can't seem to connect to my WireGuard outside of my pfSense network.

      What is currently working
      If my end device is connected within my pfSense address and I set the endpoint with the IP address 192.168.10.15 (WAN), my device is able to connect to WireGuard.
      Or with the endpoint IP as 192.168.11.1 (LAN), my device can still handshake with WireGuard.

      What is currently not working
      If my end device is connected outside of my pfSense network, let's say directly to my OpenWrt router, even if I use the IP address of my pfSense connection from OpenWrt, which is 192.168.10.15, there was no handshake.

      I'm not sure if this issue is due to me not having firewall rules at the OpenWrt level or within pfSense. I tried to port forward on both OpenWrt and pfSense, but still no luck so far. I even tried the NAT function in pfSense and set NAT-Port Forward-WAN to 51820, but nothing worked.

      Hope someone can help point me in the right direction. Thank you for your time.

      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.