File Sharing

  • Hi all,

    I'm new to pfsense but am usually pretty good with most routers/networking etc..
    I cant seam to find any answers here or on Google about how to file share from another interface to LAN.
    I would really appreciate it if someone could help me or post some links with some helpful how to's.

    I'm a bit confused as to which is the correct way to file share between interfaces without bridging, should I be using VPN or adjusting rules etc.?

    My situation is as follows

    I have 3 NIC's, one for WAN one for LAN and one for my test server where I build my websites (OPT1)
    I simply want to be able to edit my sites over network shares rather than locally and then uploading via FTP… This is how I've always done it with other routers.

    My networks are: WAN external IP (ISP), LAN, OPT1

    Thanks in advance for any help :)


  • The default "pass all" rule on LAN will let you initiate a connection from a LAN client to a file share on OPT1.
    Add a rule on OPT1 to pass source OPT1net destination LANnet - then you can initiate a connection from an OPT1 client to a file share on LAN.
    If you just type IP addresses it will now work - \\sharename
    But people like to use names. So add names to your DNS server. If you are using the DNS forwarder on pfSense, then simply add Host Overrides to give names that point to the IP of the relevant servers.
    You can't do general browsing of the network for file shares across in another subnet/NIC/broadcat-domain. You need to know and use a name (or IP address if you are a nerd like the rest of us here)

  • What is currently not working?
    What did you try? How did it not behave the way you expected?

    As phil stated: from the LAN you can connect anywhere.
    If you try to connect from the OPT to the LAN you need a firewall rule on the OPT interface.

  • I don't want OPT1 to have access to file shares on LAN.

    I Have my rules set like follows:

    LAN -  * * * LAN Address 443/80 ** (this is the default rule)
    LAN -  * * LAN net * * * * none (custom rule)

    OPT1 - * OPT1 net * * * * none (custom rule)

    Thanks again

  • Add a rule above the existing OPT1 rule:
    block source OPT1 net, destination LAN net
    then OPT1 can get out to all the internet, but not to LAN net.

    If you need more help, then answer:

    What is currently not working?
    What did you try? How did it not behave the way you expected?

  • I don't know why I didn't try it earlier but it just dawned on me to turn the windows firewall off and it started working. Why would my windows xp firewall be blocking local file sharing, is there some ports I should open for this?

  • I should also tell you this windows xp firewall (that I just turned off) is on the computer on OPT1 network :)

  • Windows firewall makes people feel:  :(

    It was probably allowing its subnet but not the subnet of your other interfaces.

    You CAN set rules to allow all your subnets and then turn it back on if its all you have on that machine.

    (I'm not a fan of the way windows manages a firewall)

  • Thanks guys for your help, its working :)…

    I hope I did it right!.. Like kejianshi said, I added my subnet to the custom list in the Windows XP firewall and it worked :)

    Just to be clear about what I did and for anybody else who may not know how, here's how.

    In windows XP firewall settings under exceptions select "File and Print Sharing" and choose edit. Now add your subnet to the custom list. (don't forget to include the original subnet)

    Thanks again guys :)

Log in to reply