4. OPT1 cannot Ping LAN Client

OPT1 cannot Ping LAN Client

  • C

    hi everyone,

    I am new in Pfsense.
    I set up Pfsense box and all is fine…..except  PC in OPT1 cannot ping PC in LAN (also the share folder  e.g. \lan-ip) 
    But remote desktop work in both side.

    The interesting thing is . . .  PC in Lan can ping PC in OPT1.

    appreciate if you help me to solve this problem :D







    0
  • LAYER 8 Netgate

    Your rules on OPT1 look right.  Check your firewall logs and check that the PC you are trying to ping and connect to doesn't have a software firewall enabled that is blocking the traffic.

    The OPT1 net can appear to be a foreign network and will be blocked by Windows firewall when it's configured as anything but a "Work" network I believe.  Don't quite know what to make of your comment that RDP works.

    Try pinging the LAN address (192.168.11.1) from something on OPT1.  If that works it's not your rules.

    0
  • C

    omg, u are right.  it's not my firewall rules.
    it's my windows firewall. . .
    when i turn off windows firewall. I can ping from OPT to my PC in LAN.

    but another problem. . .  how did windows firewall block my ping request (also share folder access), I confirm all the ICMP rules were enabled.

    do I really need windows firewall while I have Pfsense firewall.

    0
  • LAYER 8 Netgate

    Your call.

    Windows firewall can help protect you from local propagation of threats (one computer getting infected then infecting others in your LAN) but only if you block traffic from other local hosts.  If you enable the firewall on the clients and set it on the server so clients can access it, you can get a bit of protection.

    Personally, I turn them off.  They always seem to bite me like yours bit you.  With portable computers you need to be sure to enable them when you plug them into foreign networks like hotels and coffee shops.  Don't rely on them to provide any meaningful isolation to help protect you.  Especially with open wifi where it's pretty much impossible to do so.

    0
  • C

    oh my….

    Just solved the problem.

    I create 2 rules in windows firewall that allow ICMPv4 and 445 port for SMB-In.

    what a mess with my windows firewall. (tried restore windows firewall setting before but still blocked).

    Now works like a charm.

    Thanks

    0
 

Products

Applications

Support

Services

News

Resources

Company

Our Mission

As host of the pfSense open source firewall project, Netgate believes in enhancing network connectivity that maintains both security and privacy. We also believe everyone should be able to afford it.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy