Client machines unable to ping out from behind pfsense box…test setup



  • Ok,

    I have set up a test pfSense box, 2.0 BETA4. Its WAN interface has received an IP from our current router (192.168.1.161) and I have set the private subnet behind pfSense to 10.42.66.x. The client machine gets a 10.42.66.x address no problem, can ping the pfSense box, and can also ping our edgemarc (192.168.1.1), but is unable to ping anything on the internet from behind this setup.  Now I realize this is a double NAT situation, but before I put this into use as the main router, I would like to resolve this so I know what is causing it. Besides, I'm unable to do any real testing without access to the outside world from behind pfSense… I'm new to pfSense, so be gentle :) (Not new to linux/unix however, so I do understand tech-a-nese :) )  I'm sure this is something simple I'm overlooking due to my never having dealt with pf before..... any pointers?  I know this would most likely work once it has the public IP on its WAN iface, but I don't want to put it there without having had success with the current setup first.

    Thanks in advance!

    -Andy

    Andrew Miffleton
    Telecommunications Technician
    DFW Business Telephones, Inc.
    1260 Shiloh Rd
    Plano, TX 75074
    (972) 424-4242
    http://www.dfwbt.com



  • One more thing: I did ssh into the pf box, and it IS able to ping internet hosts just fine, and can also ping the clients. It's just the client machines behind pf that can't get out…. Makes me wonder if the edgemarc is stopping this somehow? I think my next test is going to be to grab an old Linksys BEFSX41 and set up another double NAT and see if I get the same result there.....

    -Andy




  • Alrighty, tested with the Linksys router: set it up behind the current router, made its private net 10.44.55.x, and was able to ping out from behind it successfully, so it IS definitely something within the pf box preventing the clients from getting out…..

    -Andy


