Using my old Linksys gateway as a 4-port ethernet switch and AP
-
Hi All,
It's my second day using PFSense and have hit a snag.
My Setup
Internet –---(DSL Modem - PPPoE/Dynamic)----PFSENSE----Linksys WRT54GS(Wi-Fi + 4-port - Stock Firmware)
My idea was to use the WRT54GS to manage my LAN machines both wired and wireless on subnet 192.168.1.x
-I have 3 of my machines hard wired into the WRT54GS.
-I have the WRT54GS hard wired from it's LAN port #1 to the LAN port on the PFSense box.- I changed the local IP address of the WRT54GS to 192.168.1.254 (On the same subnet as the PFSense gatweway = 192.168.1.1)
-DHCP is disabled on the WRT54GS and not in use of the PFSense box. All machines are assigned a static IP.
-I have no problem accessing the internet from all 3 machines.
-The PFSense box only has the default "pass" firewall rule and default NAT defined.
-My PFSense box just has the default "pass" rule applied.
My snag is that I cannot ping between any of the machines on the LAN.
From the PFSense box I am able to ping the WRT54GS (192.168.1.254) but not the machines behind it.
I accessed the console of the WRT54GS and tried the diagnostic ping utility but I can't seem to ping anything.I'd greatly appreciate any help with getting this going. Or can the linksys even be used in this fashion?
- I changed the local IP address of the WRT54GS to 192.168.1.254 (On the same subnet as the PFSense gatweway = 192.168.1.1)
-
It's wierd because if I plug the LAN machines directly into the PFSense LAN port I still cannot ping the assigned IP's from the CLI. I am still able to access the internet from the machines. But if I plug in the WRT54GS I can ping this machine from the CLI but no machines behind it.
It must be a rule issue. I've tried to configure a custom rule to allow all ICMP traffic over the LAN but I am not used to configuring these rules. No luck so far.
-
Is your windows firewall running? Set up to allow incoming ping?
-
It was actually McAfee personal firewall causing the issue. I thought I had it configured to accept incoming ICMP but somehow it got reset when I changed my LAN network configuration. I was looking for the root cause to be harder than it was. I guess that's what you get when trying to troubleshoot at 2:00am on a few hours sleep.
I am a N00B when it comes to packet sniffing technologies. I love the features of PFSENSE so far. After reading I'm taking this dumb mistake to learn how to use tcpdump to analyse where my packets drop. I also ordered the "PFSENSE definitive guide" from Amazon. Should be coming in today. Hopefully it can help me understand how to securely setup my DMZ.
Regards,