New user needs help



  • I am not very good at networking so I apologize if this is a stupid problem.  Using Pfsense 2.0 rc1

    Here is old network:

    Modem –> router(192.168.0.1) --> PC1 Windows 7
                      |
                      --------------------> PC2 XP Pro
    With is setup I was able to remote desktop from PC1 --> PC2 without problems

    New network:

    Modem --> pfsense(192.168.3.1) -->PC1 (192.168.3.10)
                          |
                          ------------------>PC2  (192.168.3.11)

    So i setup my first pfsense box and most of it is working.  However, I am unable to remote from PC1->PC2 can't ping from PC1->PC2 nor PC2->PC1.  Both computers are connected can access the pfsense web interface and can access the internet.

    Why can't they see each other?

    Thanks for the help.



  • What do your firewall rules/nat rules look like?



  • Was your old network setup with pfsense?
    if it wasn't did you use old router switch side?



  • @LostInIgnorance:

    What do your firewall rules/nat rules look like?

    No nat rules and here are my firewall rules.

    
    Proto	Source	Port	Destination	        Port	Gateway	Queue	Schedule	Description
    *	*	         *	 *	                *	*	        none
    *	*	         *	 LAN Address	*	*	        none	
    *	LAN net	 *	 *	                *	*	        none	  	
    
    

    Added the 1st rule while trying to fix this problem.

    Wan Rules:

    
    Proto	Source	Port	Destination	Port	Gateway	Queue	Schedule	Description	
    
     *	RFC 1918 networks	*	*	*	*	*		Block private networks	
    
     *	Reserved/not assigned by IANA	*	*	*	*	*	*	Block bogon networks
    

    also, in windows ping is giving me : Destination host unreachable

    not: request timed out.

    Here is the full output of what I get when i type ping 192.168.3.12 from PC1:

    Pinging 192.168.3.12 with 32 bytes of data:
    Reply from 192.168.3.11: Destination host unreachable.
    Reply from 192.168.3.11: Destination host unreachable.
    Reply from 192.168.3.11: Destination host unreachable.
    Reply from 192.168.3.11: Destination host unreachable.
    
    Ping statistics for 192.168.3.12:
        Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
    


  • It is not clear how PCI and PC2 are connected to your pfSense. Your diagram suggests they are on distinct pfSense interfaces (e.g. LAN and OPT1) but, apart from WAN, you quote only one set of firewall rules suggesting they are both connected to a switch connected to the LAN interface.

    If the first case you have an invalid configuration: you need distinct IP subnets on the interfaces unless they are bridged. In the second case, they should be able to communicate regardless of firewall rules.


  • Netgate Administrator

    Your diagram doesn't have a 192.168.1.12.
    Is that just a typo?

    Steve



  • @stephenw10:

    Your diagram doesn't have a 192.168.1.12.
    Is that just a typo?

    Steve

    Yes it was a typo in the original diagram.  Sorry about that .

    PC1 is 192.168.3.11
    PC2 is 192.168.3.12

    The ping command I am typing is from PC1 (192.168.3.11) and is :
    ping 192.168.3.12



  • @wallabybob:

    It is not clear how PCI and PC2 are connected to your pfSense. Your diagram suggests they are on distinct pfSense interfaces (e.g. LAN and OPT1) but, apart from WAN, you quote only one set of firewall rules suggesting they are both connected to a switch connected to the LAN interface.

    If the first case you have an invalid configuration: you need distinct IP subnets on the interfaces unless they are bridged. In the second case, they should be able to communicate regardless of firewall rules.

    I have set up 192.168.3.1 as a wireless ap.  Thus multiple clients can get a dhcp address can connect to it.

    Is this wrong?

    when I check active dhcp leases, both PC1 and PC2 show as being active.


  • Netgate Administrator

    Are you using a wireless card in the pfSense box for LAN or an external access point?

    Reply from 192.168.3.11: Destination host unreachable
    

    Rather than 'request timed out' suggests that your client doesn't have a route to the other PC.
    Is it receiving the correct subnet mask from the pfSense DHCP server?

    Steve



  • @stephenw10:

    Are you using a wireless card in the pfSense box for LAN or an external access point?

    Reply from 192.168.3.11: Destination host unreachable
    

    Rather than 'request timed out' suggests that your client doesn't have a route to the other PC.
    Is it receiving the correct subnet mask from the pfSense DHCP server?

    Steve

    Yes it is a wireless card that is set up as a wireless ap.

    both computers are getting the correct subnet mask.


  • Netgate Administrator

    Ah, well have you checked the 'Allow intra-BSS communication' box in the wifi interface settings?

    Steve



  • @stephenw10:

    Ah, well have you checked the 'Allow intra-BSS communication' box in the wifi interface settings?

    Steve

    Nope, ticking that option fixed it.

    Thanks so much.  There are so many options in pfsense as a new user it is hard to figure everything out.  I apologize, if that was an obvious solution, didn't mean to waste people's time.

    Thank-you to everybody in this thread who tried to help me out.


Locked