Traffic blocked for 2nd LAN
-
Hello,
I have a pfSense machine with 3 NICs: 1 as WAN, 1 as LAN (192.168.2.0/24) and another as OPT1. For me, this last NIC is another LAN (exactly 192.168.3.0/24).
I have set these rules for Firewall->LAN:

Proto  Source          Port  Destination  Port  Gateway
TCP    192.168.2.0/24  *     *            *     Default

In Firewall: NAT: Outbound I have written this:

Interface  Source          Source Port  Destination  Destination Port  Nat Address  Nat port  Static Port
WAN        192.168.2.0/24  *            *            *                 *            *         NO

Well. In this situation my host in the LAN network can go to the Internet.
The problem arises when I create these rules for OPT1 (my 2nd LAN).
I have created the same rules for OPT1 (with the correct address) BUT my host in the OPT1 network can't go to the Internet!!! What can I do???
Thanks in advance.
-
As you seem to use advanced outbound NAT, create a NAT rule for the OPT1 subnet too. Also, it seems that you only allow protocol TCP at LAN. You should use protocol ANY as you probably need ICMP, UDP for DNS and so on. I would start with any any any to any rules at LAN and OPT1 and disable advanced outbound NAT (if it's disabled, pfSense will do NAT at every interface that has a gateway set).
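
The two checks suggested in the reply above, written as a small audit script (an added example, not part of the original post and not pfSense code). The rule tuples, the `audit` and `covers` names, and the sample data are assumptions constructed from the addresses in the thread.

```python
import ipaddress

# Constructed sample data mirroring the thread: LAN and OPT1 subnets,
# TCP-only pass rules, and a manual outbound NAT rule for LAN only.
INTERNAL = {"LAN": "192.168.2.0/24", "OPT1": "192.168.3.0/24"}
FIREWALL_RULES = [  # (interface, protocol, source)
    ("LAN", "tcp", "192.168.2.0/24"),
    ("OPT1", "tcp", "192.168.3.0/24"),
]
OUTBOUND_NAT = [  # (interface, source) entries of manual outbound NAT
    ("WAN", "192.168.2.0/24"),
]
NEEDED = {"tcp", "udp", "icmp"}  # UDP for DNS, ICMP for ping


def covers(rule_src, subnet):
    """True if rule_src ('any' or a CIDR) contains the whole subnet."""
    if rule_src == "any":
        return True
    return ipaddress.ip_network(subnet).subnet_of(ipaddress.ip_network(rule_src))


def audit(internal, fw_rules, nat_rules, manual_nat=True):
    """Return a sorted list of findings for each internal interface."""
    findings = []
    for ifname, subnet in internal.items():
        allowed = set()
        for rule_if, proto, src in fw_rules:
            if rule_if == ifname and covers(src, subnet):
                allowed |= NEEDED if proto == "any" else {proto}
        missing = NEEDED - allowed
        if missing:
            findings.append(f"{ifname}: no pass rule for {', '.join(sorted(missing))}")
        # With manual outbound NAT, every internal subnet needs its own rule.
        if manual_nat and not any(covers(src, subnet) for _, src in nat_rules):
            findings.append(f"{ifname}: no outbound NAT rule for {subnet}")
    return sorted(findings)


if __name__ == "__main__":
    for line in audit(INTERNAL, FIREWALL_RULES, OUTBOUND_NAT):
        print(line)
```

Passing `manual_nat=False` models the case where advanced outbound NAT is disabled and only the interface pass rules are checked.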
-
I have changed TCP to any.
But I can't disable "enable advanced outbound NAT" (the webGUI doesn't permit disabling it), so I tried to delete the NAT Outbound rules, BUT in this case no network can get out to the Internet.
Where is my mistake?
-
Switch to IPSEC passthrough, it's the option that disables advanced outbound nat.
-
OK :D
But my 2nd LAN doesn't get out to the Internet.
Moreover, I can't ping from the pfSense machine to any host in the 2nd LAN. The ping answers with "Host is down" and this is IMPOSSIBLE!!!
I think I've lost control :-[
I hope for your help.
-
It should still work this way. Make sure all clients at LAN and OPT1 use the correct gateway and have valid IP configuration.