New network setup



  • First off, I would like to say that I had a working pfSense box, but I realized that it did not have the best and most secure settings. So after my HD crashed I decided to move everything to a new room and start over from scratch. I am not the best artist in the world, but I made a current drawing of how the network is. However it is all working, I cannot communicate from one network to the other through DNS; I can only access one or the other via the IP address, so I know it is something in the rules, just not sure what.

    Basically what I want to do is have my Server, LAN and WiFi all communicate with each other using remote access via DNS and file storage on the server, as the LAN computers need to be mapped to the server's drives. The main question I have is, what would be the best settings in the firewall rules to get all this to work correctly?

    The current settings I have are basically out of the box with no rules in the firewall. I am terribly sorry for the lack of knowledge, I am doing my best to help others understand what I am trying to do. Thank you kindly in advance for all your help.




  • @virtualliquid:

    I can not communicate from one network to the other through DNS, I can only access one or the other via the IP address, so I know it is something in the rules, just not sure what.

    It is more likely to be a DNS problem than a firewall rule problem. What is the DNS used by your systems that can't access other local systems by name? If you use a public DNS it won't know the name to address mapping for your private IP addresses.

    dig and nslookup are useful tools for debugging DNS problems.



  • haha I forgot about nslookup, and as soon as I did that I realized what some of my problem was, I am using a DNS of myhouse.com so to access a computer I have to type computername.myhouse.com, ok so now I can locally access computers that are connected to the LAN through DNS rather than IP, now I just got to RDP into my server and get the file services working… one down :)



  • Ok, so apparently all I needed was the nslookup information, and I was able to get everything working perfectly this time, and still maintain all my security from the outside. Thanks so much for that little tip that solved all my problems :)



  • Can you explain why you have a "bridged" interface with two DHCP servers?
    Do you need your wireless to work like a router (built-in DHCP server)? It should be capable of being an access point (using another device's DHCP server).



  • You do realise that myhouse.com is a real domain, registered since 2004?

    It would be better to use .local for your domain instead of .com, or use any other TLD that doesn't exist.


  • Netgate Administrator

    @Metu69salemi:

    Can you explain why you have a "bridged" interface with two DHCP servers?

    Second that. At the moment your wireless clients are experiencing double NAT, which can cause problems. A much better setup would be to use the Netgear device as an access point only and allow pfSense to handle DHCP.

    More importantly, your OPT1 interface is in the same subnet as the other bridged interfaces. You need to have this in a different subnet. (Assuming you have /24 masks on each interface).

    Steve
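
The subnet overlap described in the last reply can be checked mechanically. This is an added example, not part of the original thread: the interface names follow the posts, while the addresses and the bridge name `bridge0` are constructed because the poster's diagram is not reproduced here.

```python
import ipaddress
from itertools import combinations

# Constructed sample. Interface names follow the thread; the addresses and
# the bridge name "bridge0" are invented for illustration.
SAMPLE = {
    "LAN":  {"addr": "192.168.1.1/24",   "bridge": "bridge0"},
    "WIFI": {"addr": "192.168.1.2/24",   "bridge": "bridge0"},
    "OPT1": {"addr": "192.168.1.254/24", "bridge": None},
}


def find_subnet_conflicts(interfaces):
    """Return (iface_a, iface_b, net_a, net_b) for each pair of interfaces
    whose subnets overlap. Members of the same bridge are skipped because
    they are expected to share one subnet."""
    nets = {name: ipaddress.ip_interface(cfg["addr"]).network
            for name, cfg in interfaces.items()}
    conflicts = []
    for a, b in combinations(sorted(nets), 2):
        bridge_a = interfaces[a].get("bridge")
        if bridge_a is not None and bridge_a == interfaces[b].get("bridge"):
            continue
        # overlaps() also catches nested prefixes, e.g. a /16 containing a /24
        if nets[a].version == nets[b].version and nets[a].overlaps(nets[b]):
            conflicts.append((a, b, str(nets[a]), str(nets[b])))
    return conflicts


def with_address(interfaces, name, new_addr):
    """Return a copy of the config with one interface re-addressed."""
    updated = {k: dict(v) for k, v in interfaces.items()}
    updated[name]["addr"] = new_addr
    return updated


if __name__ == "__main__":
    for a, b, na, nb in find_subnet_conflicts(SAMPLE):
        print(f"CONFLICT {a} ({na}) overlaps {b} ({nb})")
    moved = with_address(SAMPLE, "OPT1", "192.168.2.1/24")
    print("after moving OPT1:", find_subnet_conflicts(moved) or "no conflicts")
```

With the constructed addresses, OPT1 is reported as conflicting with both bridged interfaces until it is moved to its own /24.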

