LAN -> DMZ don't work
-
I have a computer with 1.2-RC3 and four NICs:
WAN = DHCP
LAN = 192.168.110.1/24
DMZ = 192.168.111.1/24
WLAN = 192.168.109.1/24I've added the following pass-rule to the top of the list of rules for the LAN interface:
Proto Source Port Destination Port Gateway Schedule Description
* * * * * * * *I have one accespoint with ip 192.168.109.2 and one laptop with ip 192.168.109.151 on the WLAN interface. When i try to ping either one of them, I get no response. What could be wrong?
I can ping the WLAN-address of pfsense (192.168.109.1) by the way… -
Do you have a rule on the WLAN interface that allows traffic?
Got a firewall on the WLAN client that might block the pings? -
- I have the same rule on the WLAN interface.
- The laptop on the WLAN-interface can ping the accespoint so…pinging from LAN should not be a problem, right?
-
to 2:
ping is not bidirectional.
If you have a firewall on the Laptop that blocks pings the laptop cannot be pinged :)Can you ping the laptop if you use the ping-utility on pfSense?
If not then the problem is definitly on the laptop end. (since the laptop is able to ping the pfSense) -
I can ping the accesspoint from the pfSense tool, but i can't ping the accespoint from my computer on the LAN.
-
Proto Source Port Destination Port Gateway Schedule Description
* * * * * * * *Proto Source Port Destination Port Gateway Schedule Description
* Lan subnet * * * * * *Proto Source Port Destination Port Gateway Schedule Description
* Wlan subnet * * * * * * -
I've added the rules you sudjested Perry, to both my LAN and my WLAN interface. I still can't ping the access-point from my computer on my LAN-interface.
-
you're writing about pinging the AP.
what kind of AP is that?
somehow i suspect your AP is doing NAT and you have on the AP the WLAN subnet on WAN and WLAN side. -
I only use the LAN-ports of the "AP" but…you got me thinking Gruens. I just changed in the AP configuration and got it up and running. Now i can reach the LAN from the WLAN.
I but i can't reach the WLAN from the LAN though, but that's not important enough for me to continue messing with the AP for :) And besides...my primary aim is to learn how to manage the pfsense box, not the AP ;DThanks for the help everyone!