4. Multiple networks behind LAN interface

Multiple networks behind LAN interface

  • A

    I have PF sense running and its LAN ip address is in the network 172.16.40.0 /22. I have a Cisco router one port sits in the LAN and and another port sits in the WiFi Network. From the WiFi network I cannot access the internet or ping the PF Sense firewall. The PF Sense has a static route to the 192.168.0.0 network. From the PFsense firewall I can ping the Wifi Network interface on the cisco.

    WAN > INTERNET IP PF Sense 172.16.40.23 > LAN 172.16.40.0/22 > 172.16.40.20 Router 192.168.0.180 > WiFi Net 192.168.0.0/24

    Is there a setting on the firewall that is not allowing this traffic?

    From PF Sense I can ping 192.168.0.180 using LAN as source.
    From Router I cannot ping PF Sense (172.16.40.23) using the WiFi interface (192.168.0.180).
    From Router I can ping PF Sense (172.16.40.23) using LAN interface (172.16.40.20).
    From the router I can ping other hosts on the LAN from the WIFI interface.

    Thanks

    0
  • J

    Does the router has a default gateway to the pfsense LAN IP?

    0
  • P

    and does pfSense LAN have a rule that will allow traffic with source 192.168.0.0/whatever-mask ?

    0
  • Netgate Administrator

    Yep, what Phil said.  :)
    The default LAN rule will block that because the source is outside the LAN subnet so if you haven't changed it or added more rules that traffic won't be allowed.

    Steve

    0
Log in to reply
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy