Rule to pass all traffic from LAN to WAN



  • Hi all,

    I've been trying to craft a rule to allow all traffic from one network to the internet, without having to create an "allow to any" rule.
    I know this sounds very basic, and I'm sure it's easy to do but I can't seem to create one that works, nor can I really find anything about it on the internet.
    I should mention that pfSense's external IP is a 10.0.1.x address at this moment (I'm setting up a server at home to be put in a data center later).

    Looking at the attached diagram, I'm trying to pass all traffic from the CLIENTS network to the EXTERNAL network.
    I tried using destination = EXTERNAL subnet, destination = EXTERNAL address and even destination = the IP of the external gateway (10.0.1.1), but none seem to work. When destination = any, it works fine.

    Do I have this problem because pfSense's EXTERNAL interface is behind my home router, or am I missing something completely?
    ![Screen Shot 2012-02-17 at 15.52.17.png](/public/imported_attachments/1/Screen Shot 2012-02-17 at 15.52.17.png)



  • Assuming you're using 2.0, the rule should be on the LAN interface, source of the LAN subnet. You then can either choose a destination of not 192.168.0.0/16 or possibly a gateway of the WAN interface (I've not tested that, but it looks like it should be right).



  • Brilliant, not 192.168.0.0/16 did the trick! Thanks.
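
Why the destinations tried in this thread behave as they do, as an added example that is not from any of the posters and is not pfSense code: a packet bound for the internet carries the remote host's address as its destination, and the gateway is only the next hop, so a rule limited to the EXTERNAL subnet or the gateway IP never matches it. The /24 prefixes, the client address and the test destinations are assumptions made for this sketch.

```python
import ipaddress

# Constructed addressing. The page gives only the WAN side (10.0.1.x, gateway
# 10.0.1.1) and the 192.168.0.0/16 aggregate; the /24 prefixes are assumptions.
CLIENTS = ipaddress.ip_network("192.168.10.0/24")
EXTERNAL = ipaddress.ip_network("10.0.1.0/24")
INTERNAL = ipaddress.ip_network("192.168.0.0/16")
GATEWAY = ipaddress.ip_address("10.0.1.1")

# The destination fields tried in the thread, as (kind, value) pairs.
RULES = {
    "any": ("any", None),
    "EXTERNAL subnet": ("net", EXTERNAL),
    "gateway IP": ("host", GATEWAY),
    "not 192.168.0.0/16": ("not", INTERNAL),
}

# Constructed test destinations (203.0.113.0/24 is a documentation range).
DESTINATIONS = {
    "internet host": "203.0.113.10",
    "other internal net": "192.168.20.5",
    "WAN gateway": "10.0.1.1",
}

def dest_matches(rule, dst):
    kind, value = rule
    if kind == "any":
        return True
    if kind == "net":
        return dst in value
    if kind == "host":
        return dst == value
    if kind == "not":
        return dst not in value
    raise ValueError(f"unknown destination kind: {kind}")

def passes(rule, src, dst):
    """One pass rule on the CLIENTS interface; unmatched traffic is dropped."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    return src in CLIENTS and dest_matches(rule, dst)

def evaluate(src="192.168.10.50"):
    return {name: {label: passes(rule, src, dst) for label, dst in DESTINATIONS.items()}
            for name, rule in RULES.items()}

if __name__ == "__main__":
    for name, row in evaluate().items():
        print(f"{name:20}", row)
```

The "not 192.168.0.0/16" rule still passes traffic to 10.0.1.1 and every other address outside that one aggregate, including other private ranges reachable upstream of the WAN interface.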

