Two network in pfsense
-
HI
Pfsense router
Wan :: xxxxxxxxxxxxxx
Lan: 192.168.0.0 ( in this network active directory server DNS and other server)
PTI : 192.168.5.0 (all internet user)how opti can communicate with lan becouse my DNS and AD is not reachable to this network i can ping to 192.168.5.0 network form 192.168.0.2 but i can not ping or access 192.168.5.0 network
can any one help me please iam new with pfsense :(
thanks in advance
-
On LAN interface pfSense have a predefined firewall rule, wich allows any incoming traffic to anywhere. If you add additional interfaces you have to set rules for allowed traffic yourself in Firewall > Rules. Have you done this?
-
@Abid:
Lan: 192.168.0.0 ( in this network active directory server DNS and other server)
PTI : 192.168.5.0 (all internet user)how opti can communicate with lan becouse my DNS and AD is not reachable to this network i can ping to 192.168.5.0 network form 192.168.0.2 but i can not ping or access 192.168.5.0 network
Your description is a little bit confusing. Could you tell us what concretely works and what does not.
And what is lan2 in your rules?
Please post your interface configuration from Status > Interfaces. -
LAN is my pf sense interface and lan2 also my pf sense interface lan ip is 192.168.0.2 and lan2 IP is 192.168.5.4
some server's like AD and DNS and web application and some user behind LAN interface and some user of LAN 2 want to access Lan Server's
Lan2 network can not access the LAN network
please advise
-
The setting looks well.
The rule
IPv4 TCP/UDP 192.168.5.0/24 * 192.168.0.0/24 * * none Lan to wan
should allow anything you need for usual AD access, expect ping.
And you have added this rule to the correct interface (lan2)?The PCs on both LANs must have set their pfSense interface IP as default gateway. Is this done?
PCs in LAN: 192.168.0.2
LAN2: 192.168.5.4To you have access to internet from lan2?
-
internet working fine but i can not access Lan Ad and DNS server \adserver and not even ping the lan network and user over lan2 is not login with ad
please advise what is the reason -
Okay, please provide screen shots for your LAN rules (both LANs since you have two).
If you don't need to block traffic between the LANs, create an ANY/ANY rule between the two. That rule must be created on each LAN. This will allow traffic to go between the two.
You also indicate that you are running AD. Is the AD server managing the DHCP scope for both LANs?
-
should i put the LAN gateway on LAN interface and lan2 gateway in lan2 interface ?
it is necessary -
Here is what I have set up. You'll see there is a LAN to LAN2 rule and I have LAN2 going out my WAN2 gateway because I have two WANs.
On my LAN you'll see a similar rule to get to LAN2.
![Screen Shot 2015-09-05 at 10.36.07 AM.png](/public/imported_attachments/1/Screen Shot 2015-09-05 at 10.36.07 AM.png)
![Screen Shot 2015-09-05 at 10.36.07 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2015-09-05 at 10.36.07 AM.png_thumb)
![Screen Shot 2015-09-05 at 10.37.28 AM.png](/public/imported_attachments/1/Screen Shot 2015-09-05 at 10.37.28 AM.png)
![Screen Shot 2015-09-05 at 10.37.28 AM.png_thumb](/public/imported_attachments/1/Screen Shot 2015-09-05 at 10.37.28 AM.png_thumb) -
It's not recommended to allow any to any on both LAN, especially if one of the is a DMZ or a client network. But it' a good approach for testing. Just put this rule on the top of you LAN2 rule set.
The TO had rules set up to allow wanted traffic. But he didn't tell us if they are in the right place. A screenshot would give more clarity.
@Abid:
should i put the LAN gateway on LAN interface and lan2 gateway in lan2 interface ?
it is necessarySince pfSense is the gateway for all your subnets, you must not have setup any gateways for LAN and LAN2.
But you have to set the pfSense interface IP as gateway at your PCs.For troubleshooting enable logging of each rule and the default blocks and see what's the causer of your issue in firewall logs.
-
THANKS FOR YOUR SUPPORT NOW I CAN ACCESS ALL THE NETWORK