Multiple networks behind LAN interface
I have pfSense running and its LAN IP address is in the network 172.16.40.0/22. I have a Cisco router; one port sits in the LAN and another port sits in the WiFi network. From the WiFi network I cannot access the internet or ping the pfSense firewall. The pfSense has a static route to the 192.168.0.0 network. From the pfSense firewall I can ping the WiFi network interface on the Cisco.
WAN > INTERNET IP PF Sense 172.16.40.23 > LAN 172.16.40.0/22 > 172.16.40.20 Router 192.168.0.180 > WiFi Net 192.168.0.0/24
Is there a setting on the firewall that is not allowing this traffic?
From pfSense I can ping 192.168.0.180 using LAN as source.
From the router I cannot ping pfSense (172.16.40.23) using the WiFi interface (192.168.0.180).
From the router I can ping pfSense (172.16.40.23) using the LAN interface (172.16.40.20).
From the router I can ping other hosts on the LAN from the WiFi interface.
Does the router have a default gateway to the pfSense LAN IP?
And does pfSense LAN have a rule that will allow traffic with source 192.168.0.0/whatever-mask?
Yep, what Phil said. :)
The default LAN rule will block that because the source is outside the LAN subnet so if you haven't changed it or added more rules that traffic won't be allowed.
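An added illustration of the point made in the replies (not part of the thread and not pfSense's own code): a simplified first-match model of the LAN interface rules with an implicit default deny, using the addresses from the question. The `Rule` class, the `evaluate` helper and the rule descriptions are assumptions made for this example.

```python
import ipaddress
from dataclasses import dataclass

# Networks and addresses taken from the thread.
LAN_NET = ipaddress.ip_network("172.16.40.0/22")
WIFI_NET = ipaddress.ip_network("192.168.0.0/24")
ROUTER_LAN_IP = "172.16.40.20"
ROUTER_WIFI_IP = "192.168.0.180"


@dataclass(frozen=True)
class Rule:
    """Hypothetical, simplified rule: match on source network only."""
    action: str                      # "pass" or "block"
    source: ipaddress.IPv4Network
    description: str


# Out-of-the-box LAN ruleset: only sources inside the LAN subnet are allowed.
DEFAULT_LAN_RULES = [Rule("pass", LAN_NET, "default allow LAN net to any")]

# Same ruleset plus an explicit pass rule for the routed WiFi subnet.
FIXED_LAN_RULES = DEFAULT_LAN_RULES + [
    Rule("pass", WIFI_NET, "allow routed WiFi net to any (added)")
]


def evaluate(rules, src):
    """Return (action, reason) for a packet arriving on LAN with source src.

    Rules are checked top-down and the first match wins; a packet that
    matches nothing falls through to the implicit default deny.
    """
    addr = ipaddress.ip_address(src)
    for rule in rules:
        if addr in rule.source:
            return rule.action, rule.description
    return "block", "implicit default deny (no rule matched)"


if __name__ == "__main__":
    for name, rules in (("default", DEFAULT_LAN_RULES), ("fixed", FIXED_LAN_RULES)):
        for src in (ROUTER_LAN_IP, ROUTER_WIFI_IP):
            action, reason = evaluate(rules, src)
            print(f"{name:8} src={src:15} -> {action:5} ({reason})")
```

With the default ruleset the ping sourced from 192.168.0.180 matches nothing and is dropped, while the same ping sourced from 172.16.40.20 passes, which matches the symptoms described in the question.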