Can't access cloud device on LAN -[Solved]-

Focused

Hello first post. I tried a search for this but didnt find a lot of help, or perhaps my search criteria sucks? I'm running 2.2.2 amd64 with a netgear prosafe 108e switch for my LAN. My Lenovo ix2-200 cloud device is also on the LAN with IP of 192.168.2.19. I can't see or access it. I have my personal PC and the wife's in the same IP range. It's showing it's acquired the correct IP range but the software on the windows machine can't find the cloud device. Is this a case of NAT or something different? Thanks for any help. I'm still quite new to pfsense, FYI.

divsys

Welcome to pfSense!

First thing, a simple diagram of your setup would be helpful.

I'm guessing (hoping?) your setup is similar to:

Cable/ADSL modem-> WAN [pfSense] LAN ->Netgear Switch->ix2-200
                                                                                        |->Wife's PC
                                                                                        |->My PC

The Win software to find the ix2 is probably configured to reach the box via the Web which in this case isn't actually required since you're on the same subnet (192.168.2.x/24).

The box should be directly addressable @ it's internal 192.168.2.?? address.
The "cloud" capability becomes useful when you try and reach your files from outside your home, at the library, airport,etc.
That's where NAT comes in and the situation gets more interesting.

Give us some more info on your setup and what works/doesn't and we'll try to help.

Focused

Sorry and thank you. Yes your diagram is pretty much correct. The WAN's internal IP is 192.168.0.11:32 and the LAN range is 192.168.2.xxx:24 with mine, the wife's and the cloud device. I have all my movie, photos and other stuff on the cloud device which I could access through the "network" before the pfsense box was installed. The windows software is showing the cloud device but it's still unreachable. I want it to be reachable with the other users on the LAN. I keep getting a ERR_CONNECTION_RESET error through the lenovo web gui. No access at all to the cloud device at this time.

Edit
Could not add the device with the ip 192.168.2.19 because it is in different subnet and is not routable… latest error from the lenovo windows software

Edit
Is this a case of NAT reflection?

divsys

If your WAN IP is 192.168.0.11 and you're able to access the internet properly for Web pages and email, that's a pretty clear indication your "modem" is actually a router-modem combo.
You have 2 basic options in this scenario:

1. (Definitely the preferable setup)  Setup your modem to give you a "Bridged" mode so that it provides an external IP address to pfSense and disables any of its firewalling abilities.

2. Setup a "Double-NAT" through your existing modem to talk with the NAT in pfSense.

If you can make option 1) work, it will drastically simplify your setup and configuration of pfSense.
Option 2) might be possible, but it's often not pretty and can be problematic at best.

What make/model of modem do you have?

Could not add the device with the ip 192.168.2.19 because it is in different subnet and is not routable… latest error from the lenovo windows software

Are you on the same subnet as the ix2?  What's your PC's IP address?
Can you ping 192.168.2.19 from your PC?
Have you tried going to 192.168.2.19 in a Web browser?

Is this a case of NAT reflection?

NAT reflection may come into play, but your choice of options above comes first.

Focused

Thanks.

@divsys:

If your WAN IP is 192.168.0.11 and you're able to access the internet properly for Web pages and email, that's a pretty clear indication your "modem" is actually a router-modem combo.
You have 2 basic options in this scenario:

1. (Definitely the preferable setup)  Setup your modem to give you a "Bridged" mode so that it provides an external IP address to pfSense and disables any of its firewalling abilities.

2. Setup a "Double-NAT" through your existing modem to talk with the NAT in pfSense.

If you can make option 1) work, it will drastically simplify your setup and configuration of pfSense.
Option 2) might be possible, but it's often not pretty and can be problematic at best.

What make/model of modem do you have?

hitron CGNM-2250

Could not add the device with the ip 192.168.2.19 because it is in different subnet and is not routable… latest error from the lenovo windows software

Are you on the same subnet as the ix2?  What's your PC's IP address?
Can you ping 192.168.2.19 from your PC?
Have you tried going to 192.168.2.19 in a Web browser?

Yes, same subnet(192.168.2.18), yes and yes.

Is this a case of NAT reflection?

NAT reflection may come into play, but your choice of options above comes first.

Focused

I've managed to use IPPassthrough within the modem. I believe effectively bridging…I hope. YES! success!

Thanks for all the help! Solved.

divsys

Glad you got it up and running.

As you've seen the forum can be a great resource.

It might be nice if you update the Subject of your first message with a [Solved] tag so that others can benefit.

Again, welcome to pfSense!