• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Connecting to computers on a WAN port

Scheduled Pinned Locked Moved Routing and Multi WAN
7 Posts 3 Posters 3.1k Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • E
    eddie4
    last edited by May 5, 2007, 12:38 PM May 4, 2007, 10:01 AM

    Hello I and a friend have a wireless bridge spanning 1km and I finally after 2 years found the time to set up a load balancing server with pfsense. But the firewall prevents me from accessing his network aim guessing this is a very easy fix but I just don't have the knowledge so if any one could help me out I really appreciate it

    pfsense server
    le0 83.161..
    le1 172.0.1.0/24 (LAN)
    le2 172.0.0.0/24 gateway 172.0.0.1 (Lan + Internet)

    THE FIX for this problem

    enter the new rule for WAN2
    Protocol any,Source any,Destination any, Gateway default
    enter a new rule for LAN
    Protocol any,Source any,source lan subnet, Destination WAN2 subnet, Gateway default

    make sure the computer is not in the same subnet as WAN2

    1 Reply Last reply Reply Quote 0
    • G
      GruensFroeschli
      last edited by May 4, 2007, 10:49 AM

      172.0.1.0 is a public IP you shouldn't use that.
      allowed private IP's are
      192.168.x.x
      172.16.x.x ~ 172.31.x.x
      10.x.x.x

      how did you setup your balancing?
      did you change your firewallrules to use the balancing pool?
      also you need a rule which excludes the range of your friend from the balancer since you dont want to balance traffic to him. (you cannot reach him over your local WAN)
      also you might be interrested that on the "wan" tab there is an option which disables traffic to private IP's on WAN.

      We do what we must, because we can.

      Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

      1 Reply Last reply Reply Quote 0
      • E
        eddie4
        last edited by May 5, 2007, 9:37 AM May 5, 2007, 9:32 AM

        pfsense server
        le0 83.161..
        le1 172.0.1.0/24 (LAN)
        le2 172.0.0.0/24 gateway 172.0.0.1 (Lan + Internet)

        My outgoing firewall settings

        The how-to that I fallowed
        http://doc.pfsense.org/index.php/Multi-Wan/Load-Balancing

        My friend should also be allowed to access my network and the load balancer

        1 Reply Last reply Reply Quote 0
        • J
          jeroen234
          last edited by May 5, 2007, 9:41 AM

          remove youre ftp work around
          that rule will make it that all the rules below it will never be seen

          1 Reply Last reply Reply Quote 0
          • E
            eddie4
            last edited by May 5, 2007, 10:06 AM May 5, 2007, 10:03 AM

            Don't think so it redirects to 127.0.0.1 on the load balancer it doesn't show in the overview. As it says in the how to here

            But the load balacing works it's just that I can't access the computers on the other side of the WAN2 and they can't use the pfsense gateway

            1 Reply Last reply Reply Quote 0
            • G
              GruensFroeschli
              last edited by May 5, 2007, 11:09 AM

              FTP/NAT-Reflection Workaround
              If you want to connect to a FTP server you need to add this workaround to your LAN tab (or any other internal interface) at the very top of your rules:

              Protocol any,Source any,Destination 127.0.0.1, Gateway default

              Now the packets are forwarded correctly and you can connect to an FTP server. Please note that FTP will always be mapped to WAN only due to the multiport transfer character of this protocol. You also MUST have the ftp-helper enabled at Interfaces>LAN (or any other internal subnet that will use outbound FTP).

              you've missconfigured the ftp-workaround rule.
              your destination is * (everywhere)
              and not 127.0.0.1

              We do what we must, because we can.

              Asking questions the smart way: http://www.catb.org/esr/faqs/smart-questions.html

              1 Reply Last reply Reply Quote 0
              • E
                eddie4
                last edited by May 5, 2007, 12:37 PM May 5, 2007, 11:32 AM

                No I didn’t it's a bug see attachment

                But that isn't the question, how can the computers on the other side of the WAN2 access my network and pfsense gateway

                EDIT

                FIXED

                wille just browzing the web interface i found there is a tab WAN2 (didn't see that before)

                enter the new rule for WAN2
                Protocol any,Source any,Destination any, Gateway default
                enter a new rule for LAN
                Protocol any,Source any,source lan subnet, Destination WAN2 subnet, Gateway default

                make sure the computer in LAN is not in the same subnet as WAN2

                rule.jpg
                rule.jpg_thumb

                1 Reply Last reply Reply Quote 0
                1 out of 7
                • First post
                  1/7
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
                  This community forum collects and processes your personal information.
                  consent.not_received