Netgate Discussion Forum

    Windows File Sharing DMZ -> LAN Working *Sometimes*??

    • M
      Metu69salemi
      last edited by

      I agree with wallabybob..

      I don't understand why you would have the firewall WAN/LAN within the same unmanaged switch?
      I assume that you are trying to use pfSense as a router, because it's placed in the network and not at the edge of it. Am I right?
      Or are you doing some sort of test environment inside the network?

      • 0
        0x0
        last edited by

        Ok, I'll tinker around with things later tonight in an attempt to conform to your suggestions; however, please keep in mind that the pfSense LAN, WAN, and DMZ are all self-contained in a virtual machine running on VMware ESXi. The server has two NICs, and they both act as switches, not as a traditional NIC - this is just how ESXi operates.

        The cable modem is acting as a network adapter (as much as I can get it to) and it is providing DHCP. It's a crappy Comcast SMC business adapter/cable modem and isn't a very robust unit. It has an IP like 173.x.x.6 and pfSense has virtual IPs 173.x.x.1 - 173.x.x.5 using ARP (I'm not 100% sure how that works, but it does.) pfSense can then allow/deny rules based on the ones on that interface.

        There are a few computers, wireless routers and other devices that use 10.10.10.1 as their gateway. I saw no reason for them to use pfSense since it would be a single point of failure. And god help me if Netflix goes down while I'm at work and the kids can't watch SpongeBob… :P

        I have the VNC port being port forwarded from the cable modem right to the 10.10.10.130; should my ESXi server fail, I can still access the network to fix things.

        I appreciate everyone helping with this, I really figured all this out on my own, that's why my network looks like it is held together with duct tape and magic (because it is...).

        • S
          stortoaranci
          last edited by

          Hi,

          I have the same problem too. The only difference is that LAN is a bridged network in order to allow Wi-Fi connections.

          In my case, if I go through WLAN then I can reach the Samba server in the DMZ, but I'm unable to from eth0. No rules in the WLAN/ETH interfaces.

          In Wireshark I can see DMZ traffic in reply to LAN requests, but the service always asks for a password.

          The Samba server has its own DNS server, no DHCP.

          No problem through OpenVPN either.

          I'm able to connect to the same server via SSH, VNC, HTTP…

          The pfSense version is yesterday's build.

          Thank you for the help.
