Help with traffic between LAN OPT1 and OPT2



  • Hi guys,
    I am just starting my adventure with pfSense and am already having a lot of problems with it.
    I cannot communicate/ping between computers on different subnets.
    OK, here is my network:

    comp1|| [192.168.100.30]------[LAN-de0: 192.168.100.3]--||PFSENSE router||-- [OPT1-de1: 192.168.110.1] ------ [192.168.110.234] ||comp2||
                                                                    |
                                                                    |
                                                        [OPT2-de2: 192.168.120.1]
                                                                    |
                                                                    |
                                                                    |
                                                            [192.168.120.235] ||comp3||

    What I would like to do is to be able to communicate between all the computers.
    This is what I have tried so far:
    => From the shell I typed: pfctl -d (disable firewall). After that each computer is able to ping the related NIC on the pfSense router but nothing else.
    => Set up firewall rules for each NIC like this:
    For OPT1 NIC:
    Pass any from OPT1 subnet to LAN subnet
    and similar for every other NIC.
    After that I'm not able to ping anything and I'm losing the webGUI connection.

    To clarify, I have no internet connection there. All I want to do is to set up connections between each machine so I can manipulate Packet Delay & Packet Loss. For example, I will be pinging from comp1 to comp2 while packet loss is 20%, and from comp1 to comp3 while packet loss is 50%.

    Can anybody help me?
    Thanks



  • That sounds like simple routing. I would then try to set up a rule that says LAN subnet to any (on the LAN interface rules). Then set up OPT1 subnet to any on OPT1 …  Was there a WAN used? Either way though, go into Firewall -> NAT -> Outbound NAT. Set it to manual and remove any rules that are auto-created. Then perform a reboot to clear any leftovers.



  • @podilarius:

    That sounds like simple routing. I would then try to set up a rule that says LAN subnet to any (on the LAN interface rules). Then set up OPT1 subnet to any on OPT1 …  Was there a WAN used? Either way though, go into Firewall -> NAT -> Outbound NAT. Set it to manual and remove any rules that are auto-created. Then perform a reboot to clear any leftovers.

    That really works!
    - I deleted all rules
    - I set NAT to manual
    - I let LAN, OPT1 and OPT2 talk to ANY on ANY port

    It still wasn't working. Then I decided to check the route tables on each machine - BINGO!
    I added a route on each machine and it's all working now!
    Thank you for your help!

    Damn! pfSense is really simple! I just need to pay attention to what I'm doing.
    THANKS!



  • Good!

    I guess you added persistent static routes? Can you share an example?

    Best regards

    Kostas



  • OK,
    for example:
    LAN machine IP address - 192.168.110.235
    OPT1 machine IP address - 192.168.120.234

    pfSense OPT1 NIC - 192.168.120.1
    pfSense LAN NIC - 192.168.110.1

    To allow the LAN machine to communicate with the OPT1 machine, I opened CMD on the LAN machine and typed:
    route ADD 192.168.0.0 MASK 255.255.0.0 192.168.110.1 METRIC 10 -p

    That basically transfers all the traffic for 192.168.x.x to the pfSense NIC 192.168.110.1. Doing that I'm able to "drop packets" or "slow down" packets. If you have only one subnet, I guess you could use subnet 255.255.255.0 to limit traffic.
    I used mask 255.255.0.0 basically to be able to communicate with other subnets that I will create in the future.
    I hope this is clear enough.
    Thanks
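
Added example, not part of the thread and not code from any poster: a small route lookup showing which destinations the 255.255.0.0 static route in the post above hands to the firewall NIC 192.168.110.1, compared with a 255.255.255.0 route. The on-link /24 entry, its metric, the absence of a default route and the test destinations 192.168.110.50, 192.168.130.5 and 8.8.8.8 are assumptions made for illustration.

```python
import ipaddress

# Constructed routing table for the "LAN machine" in the post above
# (192.168.110.235, assumed /24). Entries: (destination, gateway, metric);
# gateway None means the network is directly attached (on-link).
WIDE = [
    ("192.168.110.0/24", None, 1),             # on-link route; metric is an assumption
    ("192.168.0.0/16", "192.168.110.1", 10),   # route ADD ... MASK 255.255.0.0 ... METRIC 10
]
# Same table with the narrower 255.255.255.0 mask the post mentions as an alternative.
NARROW = [
    ("192.168.110.0/24", None, 1),
    ("192.168.120.0/24", "192.168.110.1", 10),
]


def lookup(dest, routes):
    """Pick the route a host would use: longest prefix first, then lowest metric.

    Returns (network, gateway), or None when no entry matches (no default route
    is modelled, since the lab in the thread has no internet connection).
    """
    addr = ipaddress.ip_address(dest)
    matches = []
    for net, gateway, metric in routes:
        network = ipaddress.ip_network(net)
        if addr in network:
            matches.append((network, gateway, metric))
    if not matches:
        return None
    best = min(matches, key=lambda m: (-m[0].prefixlen, m[2]))
    return str(best[0]), best[1]


if __name__ == "__main__":
    for name, table in (("255.255.0.0", WIDE), ("255.255.255.0", NARROW)):
        print(f"static route mask {name}")
        for dest in ("192.168.110.50", "192.168.120.234", "192.168.130.5", "8.8.8.8"):
            hit = lookup(dest, table)
            if hit is None:
                print(f"  {dest:16} no route")
            else:
                via = hit[1] or "on-link"
                print(f"  {dest:16} {hit[0]:18} via {via}")
```

With the wide mask, every 192.168.x.x destination outside the local /24 is sent to the firewall, including subnets that do not exist yet; with the narrow mask, only 192.168.120.0/24 is, and a later subnet such as 192.168.130.0/24 needs its own route.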

