Access between two nets



  • Hi folks!

    I have two nets, one in my home and other in my office, both of them behind pfSense
    home -> lan: 192.168.1.1
    office -> lan: 192.168.0.1

    Both of tem have a ddns:
    home: net_house.no-ip.org
    office: net_office.no-ip.org

    When I try, from my home, access the net of my office, it doesn't happen. So I try to ping and it occurs:

    ping net_office.no-ip.org

    PING net_office.no-ip.org (186.218.212.79) 56(84) bytes of data.
    From 10.33.0.1: icmp_seq=36 Redirect Host(New nexthop: 10.33.0.1)

    I use nmap:

    nmap -Pn net_office

    Starting Nmap 6.40 ( http://nmap.org ) at 2014-09-11 07:43 BRT
    Nmap scan report for 186-218-212-88.viacaboip.com.br (186.218.212.79)
    Host is up.
    All 1000 scanned ports on 186-218-212-88.viacaboip.com.br (186.218.212.79) are filtered

    When I connect direct to the modem (without pfsense), I can access normally my net on the office (From my house)

    ping net_office.no-ip.org

    PING net_office.no-ip.org (186.218.212.79) 56(84) bytes of data.
    64 bytes from 186-218-212-79.viacaboip.com.br (186.218.212.79): icmp_seq=1 ttl=63 time=22.0 ms

    nmap -Pn net_office

    Starting Nmap 6.40 ( http://nmap.org ) at 2014-09-11 07:55 BRT
    Nmap scan report for 186-218-212-79.viacaboip.com.br (186.218.212.79)
    Host is up (0.032s latency).
    Not shown: 998 filtered ports
    PORT    STATE SERVICE
    80/tcp  open  http
    3389/tcp open  ms-wbt-server
    Nmap done: 1 IP address (1 host up) scanned in 23.18 seconds

    I'm not using a VPN.

    Follow the rules created in pfSense on my house and in my office (They are the same rules in both pfSense)

    Can anyone help me please?



  • LAYER 8 Netgate

    I'm not using a VPN.

    Umm, you either need to use a VPN or set NAT port forwards into your LANs.

    Use a VPN.


  • LAYER 8 Global Moderator

    "I have two nets, one in my home and other in my office, both of them behind pfSense"

    What are you trying accomplish.. that net_office.no-ip.org does not resolve.  But that IP you listed does answer ping.

    ;; QUESTION SECTION:
    ;net_office.no-ip.org.          IN      A

    ;; AUTHORITY SECTION:
    no-ip.org.              60      IN      SOA    nf1.no-ip.com. hostmaster.no-ip.com. 2265445508 18000 1800 604800 1800

    C:>ping 186.218.212.79

    Pinging 186.218.212.79 with 32 bytes of data:
    Reply from 186.218.212.79: bytes=32 time=165ms TTL=48
    Reply from 186.218.212.79: bytes=32 time=171ms TTL=48

    This seems ODD

    186-218-212-88.viacaboip.com.br (186.218.212.79)

    Your PTR does not match up with the IP.. you see .79 but PTR says .88 - are you editing these names and IPs?

    What are you trying to accomplish??  Do you just want to hit some web interface on your home/office location behind pfsense, or the pfsense gui?  Your rules show to the pfsense wan IP your allowing 80/443 so the pfsense web gui?  Are you pfsense behind nats?  What does pfsense show for its wan address.. Does it match up to 186.218.212??  Or is it some private address 10.x, 192.168.x, 172.16-31.x ?



  • Hi,

    My rules were wrong. Problem solved!!

    Thanks everybody ;)


Log in to reply