Netgate Discussion Forum

    Can't access LAN defined in static route.

      solkool

      I have a home setup and I'm having trouble communicating between computers.

      I have pfsense (2.0.1) with 2 NICs; one is connected to my internet modem and the other is connected to a 24-p switch, and the network is 192.168.50.0/26. On that switch there's a WiFi router (DLINK DIR-615) connected, and it has a different network, 192.168.10.0/27. I can communicate from the 192.168.10.0 network to any computer in the 192.168.50.0 network, but I can't do it the other way around.

      I was told to add a static route on pfsense, and so I added this, but it doesn't work.

        podilarius

        The default rule on the LAN is to allow only the LAN subnet. Since that is not in the LAN subnet, traffic originating from the wifi network should get blocked. The only reason it works the other way is that you are creating a state entry for the return traffic. There is an advanced option to bypass FW rules where the source and destination are on the same network.
        You can check that option or open up the rule to allow all or both subnets.

          stormeporm

          Don't know your setup, but I think your D-Link is firewalling all the traffic from the outside, which is your .50 network. The traffic from the inside, the .10 network, is not being firewalled since that is trusted traffic, and 99% of all routers are set up like this. Also, the network before the D-Link does not know of the existence of the .10 network, since all they see is your D-Link, which has a .50 address. So if any traffic needs to go to the .10 network, only the D-Link knows where it should go. That can cause a lot of problems too.

          It's best to set up the D-Link as an access point: no DHCP, firewall or NAT. Add a third network interface and connect it. Let pfSense do the firewalling, NAT and DHCP, and add firewall rules to allow traffic between the networks.
          You can also do this without an extra interface: just connect it to the 24p switch and everybody on the wireless will get a .50 address. But then you can't apply any firewall rules to it.

          Link with info on how to set it up as an access point:
          http://apttech.wordpress.com/2009/09/29/how-to-connect-a-dlink-dir515-wireless-to-another-router-to-use-as-an-access-point/
