MRTG problem on WAN
Hi everybody. I'm trying to use MRTG and pfsense but I have problems.
My pfsence has three NICs:
a NIC for WAN
a NIC for DMZ
a NIC for VLANs
When my win-pc sits on DMZ, I'm able to monitor DMZ-traffic.
When my win-pc sits on VLAN, I'm able to monitor VLAN-traffic.
When my win-pc sits on WAN, I'm able to monitor WAN-traffic.
But when I try to configure MRTG, from my win-pc sitting on DMZ, in order to monitor WAN-traffic I get the following error:
no response received
SNMPv1_Session (remote host: "wan" [xx.xx.xx.xx].161)
request ID: -1276485481
PDU bufsize: 8000 bytes
at C:/mrtg-2.16.3/bin..\lib\mrtg2/SNMP_util.pm line 629
SNMPWALK Problem for 126.96.36.199.2.1.1 on public@wan::::::v4only
at cfgmaker line 956
WARNING: Skipping public@wan: as no info could be retrieved
what seems to be the problem? Please help.
I am guessing this is the general case where you can't access a pfsense port on the WAN from inside the LAN (or DMZ in this case.)
So, it's just a rule problem or it is not supported by pfsense?
As danswartz mentioned, this is probably just a rule problem. Show us some screenshots from your DMZ firewall rules…
I have a DMZ-rule that allows any from my pc to wan interface (dmz.JPG).
10.34.152.35 is my pc IP
10.34.152.2 is my WAN interface IP
There is also a WAN rule (wan.JPG) which is unnecessary in my opinion, but added just in case.
There are no blocked packets on "firewall system logs".
I drew a picture of your configuration and noticed your DMZ PC (10.34.152.35) appears to live on the same subnet as your WAN IP (10.34.152.2). Is this correct? Or, have you applied different masks to your networks? Look at the attached jpg and tell me if this is right/wrong.
27-bit masks to both wan and dmz (different nets).