Netgate Discussion Forum

Inter Lan routing & firewall walls

Firewalling

Steve Mustafa
Firewall was working perfectly fine yesterday and this morning and for the last month. What the heck happened to change the status quo, I have no clue.

We've got a firewall with multiple LANs: a LAN, a DMZ (Orange) and a Blue (Wireless), and two WANs.

With these rules in place on the firewall Rules page:

proto      source     port   destination   port          gateway
*          LAN net    *      WebServer     *                       (Rule on LAN to access the DMZ webserver)
===========================================================================================================
TCP/UDP    *          *      WebServer     80 (HTTP)     *         (Rule on WAN to access the DMZ webserver (HTTP))
TCP/UDP    *          *      WebServer     443 (HTTPS)   *         (Rule on WAN to access the DMZ webserver (HTTPS))
===========================================================================================================

What's wrong?

TIA

[edit]

This is now defying all logic. I backed up the rule set and then deleted all the rules in existence.

Now check this out.

On the LAN, I have the default rule which basically lets anything out. Ping Google, everything works. I can ping the DMZ gateway address but nothing on the subnet itself; however, I can ping anything on the subnet from the DMZ address (on the ping page). I thought pfSense was like a shoebox (read it on a post somewhere here) where your rules are applied on the listening interface, after which packets are free to move (being "nicely" pointed in the right direction of course).

What could possibly be wrong?
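An added example, not code from the post or from pfSense itself, that models the "shoebox" behaviour the post describes: rules are evaluated on the interface where a packet enters the firewall, the first matching rule wins, and anything unmatched falls to the implicit default deny. The subnets, the interface names, the LAN and WAN source addresses and the second DMZ host 192.168.2.20 are constructed assumptions; the rule list is a transcription of the table above plus the default LAN rule mentioned in the edit.

```python
"""Toy ingress-rule evaluator mimicking pfSense's per-interface, first-match
rule processing.  Addresses and interface names are constructed assumptions."""
from dataclasses import dataclass
from ipaddress import IPv4Address, IPv4Network, ip_address, ip_network
from typing import Optional, Union

ANY = "any"
LAN_NET = ip_network("192.168.1.0/24")      # assumption: LAN subnet
DMZ_NET = ip_network("192.168.2.0/24")      # assumption: DMZ (Orange) subnet
WEBSERVER = ip_address("192.168.2.10")      # the post's "WebServer" alias (assumed address)
OTHER_DMZ = ip_address("192.168.2.20")      # a DMZ host no alias covers (constructed)
LAN_HOST = ip_address("192.168.1.50")       # constructed LAN client
WAN_HOST = ip_address("203.0.113.7")        # constructed Internet client

Addr = Union[str, IPv4Address, IPv4Network]


@dataclass(frozen=True)
class Rule:
    iface: str              # interface the rule is attached to: where traffic ENTERS
    proto: str              # "any", "tcp/udp", "tcp", "udp" or "icmp"
    src: Addr
    dst: Addr
    dport: Union[str, int]  # ANY or a single destination port
    note: str = ""


@dataclass(frozen=True)
class Packet:
    iface: str              # interface the packet arrives on
    proto: str
    src: IPv4Address
    dst: IPv4Address
    dport: Optional[int] = None


def addr_matches(spec: Addr, addr: IPv4Address) -> bool:
    if spec == ANY:
        return True
    if isinstance(spec, IPv4Network):
        return addr in spec          # e.g. "LAN net"
    return addr == spec              # a single-host alias such as WebServer


def proto_matches(spec: str, proto: str) -> bool:
    return spec == ANY or proto in spec.split("/")   # "tcp/udp" covers both


def port_matches(spec: Union[str, int], dport: Optional[int]) -> bool:
    return spec == ANY or spec == dport


def evaluate(rules, pkt: Packet) -> str:
    """First matching rule on the packet's ingress interface wins; rules on
    other interfaces are never consulted; no match means default deny."""
    for r in rules:
        if r.iface != pkt.iface:
            continue
        if (proto_matches(r.proto, pkt.proto) and addr_matches(r.src, pkt.src)
                and addr_matches(r.dst, pkt.dst) and port_matches(r.dport, pkt.dport)):
            return "pass: " + r.note
    return "default deny"


# The rule set from the post's table (interface names are assumptions).
POSTED_RULES = [
    Rule("LAN", ANY, LAN_NET, WEBSERVER, ANY, "LAN -> DMZ webserver"),
    Rule("WAN", "tcp/udp", ANY, WEBSERVER, 80, "WAN -> webserver HTTP"),
    Rule("WAN", "tcp/udp", ANY, WEBSERVER, 443, "WAN -> webserver HTTPS"),
]
# The default LAN rule the post mentions after deleting the custom rules.
DEFAULT_LAN_RULES = [Rule("LAN", ANY, LAN_NET, ANY, ANY, "default allow LAN to any")]


def lan_ping(dst: IPv4Address, rules) -> str:
    """ICMP from a LAN host entering on the LAN interface."""
    return evaluate(rules, Packet("LAN", "icmp", LAN_HOST, dst))


def wan_tcp(dport: int, rules) -> str:
    """TCP from the Internet entering on WAN, aimed at the webserver."""
    return evaluate(rules, Packet("WAN", "tcp", WAN_HOST, WEBSERVER, dport))


def dmz_initiated(dst: IPv4Address, dport: int, rules) -> str:
    """A new connection the DMZ webserver itself opens toward the LAN."""
    return evaluate(rules, Packet("DMZ", "tcp", WEBSERVER, dst, dport))


if __name__ == "__main__":
    print("LAN ping WebServer, posted rules :", lan_ping(WEBSERVER, POSTED_RULES))
    print("LAN ping other DMZ, posted rules :", lan_ping(OTHER_DMZ, POSTED_RULES))
    print("LAN ping other DMZ, default rule :", lan_ping(OTHER_DMZ, DEFAULT_LAN_RULES))
    print("WAN -> WebServer:80              :", wan_tcp(80, POSTED_RULES))
    print("WAN -> WebServer:22              :", wan_tcp(22, POSTED_RULES))
    print("DMZ -> LAN host:445              :", dmz_initiated(LAN_HOST, 445, POSTED_RULES))
```

Running it shows that the posted rule set lets the LAN reach only the WebServer alias on the DMZ (any other DMZ host hits default deny on the LAN interface), that the default LAN rule passes pings to any DMZ host, and that a DMZ host cannot open a new connection toward the LAN without a rule on the DMZ interface. Traffic the firewall originates itself (the Diagnostics ping page) never enters an interface, so it sits outside this model and is not a substitute for a ping from a LAN host. When the model passes a packet that still fails on the real network, the ingress rules are not the culprit, and the firewall log or the DMZ host's own configuration is the next place to look.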
