Routing from WAN to LAN
I have a PFSENSE box that is routing traffic like this :-
Domain –-- PFSense ----- Smoothwall Filter ------- Internet
It's working fine, I can ping the gateways from each interface and the internet is working across VLANS and the LAN , however I can't seem to ping anything on the domain from the WAN interface.
I need access to Active Directory from the Smoothwall box to allow Authentication - how would I do this ?
LAN address is 192.168.5.80 - Smoothwall Gateway is 192.168.110.1 (WAN IP is 192.168.110.2)
What I'm trying to achieve is one PFSENSE box as a router instead of a layer 3 switch for internal lan and vlans to smoothwall
Eventually it will be LAN -> PFSENSE Router -> Smoothwall -> PFSENSE Firewall
WAN is set to ignore private addresses by default, so it's not going to respond to your Smoothwall unless you uncheck that via (Interfaces - WAN). Are you using pfSense as a router only (firewall disabled) or is the firewall still active? To get access to your DC, you could add a WAN rule that allows the Smoothwall to have full access to the DC.
Yes the firewall is still active but I have rules to allow all traffic (IPV4* LAN/WAN/VLAN * * * *) on each interface
What would the rule look like ? And would it be easier to disable the firewall ?
Thanks for the help
What would the rule look like ?
It would look like a Pass rule with your Smoothwall as the Source and the DC as the Destination. Ports depend on your Windows Server version, but likely 49152-65535 if you want to limit access to just domain services.
And would it be easier to disable the firewall ?
It's certainly easy, but I don't know how it would perform for you. Try it. System - Advanced - Firewall/NAT - Disable firewall.
Thanks, I'll give it a go - nearly there it's just this last hurdle :)
I removed the firewall role and still nothing, I can ping the DC from the LAN interface but I can't from the WAN interface (full packet loss) I must be missing something somewhere!
seems I was, seeing as this is in a non production environment I needed to add the gateway to the DCs (had to slap myself there…)
Maybe post screencaps of your interface details.
I know I started another thread but, I recreated the box and kept it simple as possible
I see John's made more progress so I'll abandon this thread.