Server cannot get through OPT1 interface… firewall blocking?



  • Played with this off and on and haven't been able to figure it out. When I upgraded to the latest version of pfSense a while back, I started with a clean slate. Was working fine before.

    Now I can't get my server, connected to the OPT1 interface directly via a crossover cable, to access ANYTHING, let alone ping the OPT1 interface.

    I have a rule on the OPT1 interface's firewall that looks like:

    Proto  Source    Port  Destination  Port  Gateway
    *      OPT1 net  *     ! LAN net    *     *

    As far as I understand, this grants any machines on the OPT1 subnet the ability to access anything but the LAN subnet.

    When I check the firewall logs after trying to ping the OPT1 interface (192.168.1.1) I can see that it is blocking all attempts from the server, as well as DNS requests.

    Maybe I'm overlooking something obvious here… I'd really appreciate any help.

    Thanks,

    Dennis



  • Anyone?  I just don't see how it would be blocking traffic when there is a rule there allowing it… and that rule looks almost exactly the same as the one on the LAN interface with the exception of not being able to access a certain subnet (in this case, the LAN subnet).



  • Have you tried removing this rule and creating one that allows all traffic to see if it works?  When I struggled with pfSense firewall rules, I usually found that when I started over and made more robust rules, I could track where my problems were.

