Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    OPT1 cannot Ping LAN Client

    Scheduled Pinned Locked Moved General pfSense Questions
    5 Posts 2 Posters 1.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cheshire_cat
      last edited by

      hi everyone,

      I am new in Pfsense.
      I set up Pfsense box and all is fine…..except  PC in OPT1 cannot ping PC in LAN (also the share folder  e.g. \lan-ip) 
      But remote desktop work in both side.

      The interesting thing is . . .  PC in Lan can ping PC in OPT1.

      appreciate if you help me to solve this problem :D
      1.jpg
      1.jpg_thumb
      2.jpg
      2.jpg_thumb
      3.jpg
      3.jpg_thumb
      nnmap.jpg
      nnmap.jpg_thumb

      1 Reply Last reply Reply Quote 0
      • DerelictD
        Derelict LAYER 8 Netgate
        last edited by

        Your rules on OPT1 look right.  Check your firewall logs and check that the PC you are trying to ping and connect to doesn't have a software firewall enabled that is blocking the traffic.

        The OPT1 net can appear to be a foreign network and will be blocked by Windows firewall when it's configured as anything but a "Work" network I believe.  Don't quite know what to make of your comment that RDP works.

        Try pinging the LAN address (192.168.11.1) from something on OPT1.  If that works it's not your rules.

        Chattanooga, Tennessee, USA
        A comprehensive network diagram is worth 10,000 words and 15 conference calls.
        DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
        Do Not Chat For Help! NO_WAN_EGRESS(TM)

        1 Reply Last reply Reply Quote 0
        • C
          cheshire_cat
          last edited by

          omg, u are right.  it's not my firewall rules.
          it's my windows firewall. . .
          when i turn off windows firewall. I can ping from OPT to my PC in LAN.

          but another problem. . .  how did windows firewall block my ping request (also share folder access), I confirm all the ICMP rules were enabled.

          do I really need windows firewall while I have Pfsense firewall.

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by

            Your call.

            Windows firewall can help protect you from local propagation of threats (one computer getting infected then infecting others in your LAN) but only if you block traffic from other local hosts.  If you enable the firewall on the clients and set it on the server so clients can access it, you can get a bit of protection.

            Personally, I turn them off.  They always seem to bite me like yours bit you.  With portable computers you need to be sure to enable them when you plug them into foreign networks like hotels and coffee shops.  Don't rely on them to provide any meaningful isolation to help protect you.  Especially with open wifi where it's pretty much impossible to do so.

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • C
              cheshire_cat
              last edited by

              oh my….

              Just solved the problem.

              I create 2 rules in windows firewall that allow ICMPv4 and 445 port for SMB-In.

              what a mess with my windows firewall. (tried restore windows firewall setting before but still blocked).

              Now works like a charm.

              Thanks

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.