I've installed pfSense on a xenserver guest with 2 virtual network devices (1 WAN, 1 LAN). When installing another guest in the LAN Network, the guest gets an IP and the correct configuration from the pfSense DHCP. The guest can resolve domains and ping other hosts (like google.de), but they can't access port 80, 443, 21, 22, …. All essential settings are left default. The router guest is able to connect to these ports.
Are there any obvious settings I missed or whats wrong with this config? I already read through the connectivity troubleshooting document, everything works on this side. Does someone has a suggestion?
Well, let's see the config and perhaps someone can see if there's anything wrong with it. What are the firewall and NAT rules you have? Is your Xenserver running any kind of packet filter/firewall on it which might be conflicting with the pfSense rules? Screenshots please.
Thanks for your answer, I'll post screenshots as soon as I am at home. The configs (NAT, Firewall) are completely default –> WAN Block private and bogon networks, LAN pass ipv4, ipv6 and the anti lockout rule. NAT outbound is set to automatic.
edit: The xenserver does not filter pakets when using a bridge. The router guest has full access to the internet.
Ok, I just found out that the guests actually have internet access, but it is insanely slow. Again, all settings are left on factory defaults.
Ok, what speed/duplex have you set (if any) on your pfSense NICs? And what speed/duplex are you running on the Xenserver? And is the port on the switch your Xenserver is plugged into also set to a particular duplex/speed? Speed issues can result if you set both the NIC and the port it's plugged into to 'autodetect' the speed/duplex of whatever they may be connected to.
Looks a lot like this: https://forum.pfsense.org/index.php?topic=88467.0
Jeah, that worked, thank you!