Allow firewall rules for home lab
-
I'm running pfSense as a router on a VM in Proxmox. I have the WAN and LAN firewall rules wide open.
WAN faces my home network, LAN is internal to Proxmox.
I can get to the firewall admin page from my laptop. But not to any of the VMs.
I can get around this with a port forward rule which will take me to one VM.
Or, if I disable the firewall (pfctl -d) I can SSH and get to my VM, but NAT does not work on my Proxmox internal LAN. But if I enable the firewall (pfctl -e) then NAT is turned back on and I can still SSH/access the VMs. Why is this? I can't work it out.
-
@imhungrydog
Probably it's due to reply-to. This directs any response traffic to requests coming in on WAN to the default gateway. If you have only one upstream gateway anyway, you can disable reply-to in System > Advanced > Firewall & NAT.
Otherwise you can add a firewall rule to WAN to allow traffic from your home network and disable it in the advanced options.
-
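As an added illustration (not part of any post in this thread), this is roughly how a WAN pass rule looks in the loaded pf ruleset with and without reply-to; `pfctl -sr` lists the loaded rules so you can check which form is active. The interface name, addresses and subnets are constructed for the example.

```conf
# Constructed values (assumptions, not from the thread):
#   vtnet0          = pfSense WAN interface
#   192.168.1.1     = home router, the WAN default gateway
#   192.168.1.0/24  = home network (WAN side)
#   10.10.10.0/24   = Proxmox-internal LAN behind pfSense

# WAN rule with reply-to active: replies for states created by this rule
# are handed to 192.168.1.1, even though the client is on the directly
# connected 192.168.1.0/24 network.
pass in quick on vtnet0 reply-to (vtnet0 192.168.1.1) inet from 192.168.1.0/24 to 10.10.10.0/24 keep state

# Same rule with reply-to disabled: replies follow the routing table, so a
# client on 192.168.1.0/24 is answered directly out of vtnet0.
pass in quick on vtnet0 inet from 192.168.1.0/24 to 10.10.10.0/24 keep state
```

Limiting the source to the home network, as in both rules here, keeps the WAN side from being open to any address while still allowing access to the lab VMs.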
@imhungrydog Why are you using the firewall again?
-
@Bob.Dig Hi, the aim is to use a home lab for learning. So the firewall is not really needed, it's the NAT capability and the router function for the VMs on the LAN side. Thank you for looking at this.
-
@viragomann Thank you, I appreciate it. The aim is to allow access to my VMs from the WAN side (home network) and effectively use the pfSense device as a router with the NAT functionality enabled for the LAN side VMs to access the internet.