Allowing traffic between interfaces



  • Running pfSense 2.0 with 1 WAN and 5 LAN interfaces.  My ISP provides me with 5 static IPs (I do software testing and demonstrations for multiple clients).  I have each LAN interface (really 1 LAN and 4 OPT, but you get the picture) on its own VLAN and have incoming traffic for each static IP routed to servers on the correct VLANs via port forwarding.  The problem I have is that when I try to connect to demo1.domain.tld from a computer behind pfSense, and that request is on one of the other interfaces, the traffic does not leave pfSense and come back.  I am assuming that is because pfSense knows it is handling the IP in question and is trying to pass the data stream to the intended interface rather than send a request out only to come right back.  However, all I get are "server timed out" messages.  I apologize if my explanation is rough; I am having a hard time describing this.

    Essentially, what I need is for computers on VLAN1 (OPT1) that try to go to demo.domain.tld (which resides on a server behind VLAN2 (OPT2)) to be able to connect as if they were offsite.  Everything works perfectly from any other location.  The only ones not working are those behind the firewall but on an interface other than OPT2.  I created rules to allow traffic between these two interfaces, but that didn't work.  I am assuming that is because it only applies to LAN-to-LAN traffic and not traffic that is technically intended to go outside the network first.

    Thanks for your patience and help.





  • Thanks, that was exactly what I was looking for.  Cheers.

