Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    RDP to host server running PFsense on vmware causes a problem

    Scheduled Pinned Locked Moved Routing and Multi WAN
    13 Posts 3 Posters 2.0k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • E Offline
      eulereggae
      last edited by

      Basically. 192.168.2.is.my.host's.IP, and is natted by vmware as wan interface for my pfsense. Pfsense LAN is the 192.168.10.segment

      1 Reply Last reply Reply Quote 0
      • johnpozJ Online
        johnpoz LAYER 8 Global Moderator
        last edited by

        "192.168.2.is.my.host's.IP"  You mean that is pfsense WAN IP?  You would have a different IP in that same network for your vmkern..

        Please draw your network..  My pfsense is on esxi, I have multiple wired and wireless segments and don't have any issues what so ever rdp between segments..

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

        1 Reply Last reply Reply Quote 0
        • E Offline
          eulereggae
          last edited by

          Basically. 192.168.2.is.my.host's.IP, and is natted by vmware as wan interface for my pfsense. YES that is my pfsense wan ip…

          windows machine--->                          pfsense                                    ----------->client pc with ip 192.168.10.97given by pfsense
              192.168.2.2                  wan is 192.168.2.2, lan is 192.168.10.1

          1 Reply Last reply Reply Quote 0
          • H Offline
            heper
            last edited by

            2 devices can not have the same ip, not even in the VM world.

            1 Reply Last reply Reply Quote 0
            • johnpozJ Online
              johnpoz LAYER 8 Global Moderator
              last edited by

              yeah how is that suppose to work??  windows machine 192.168.2.2 and pfsense 192.168.2.2 ????

              An intelligent man is sometimes forced to be drunk to spend time with his fools
              If you get confused: Listen to the Music Play
              Please don't Chat/PM me for help, unless mod related
              SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

              1 Reply Last reply Reply Quote 0
              • E Offline
                eulereggae
                last edited by

                im sorry… what i mean is, my host ip is 192.168.2.2 and is assigned by my dhcp server (router connected to my modem), then it is NATted to my vm pfsense with wan ip 192.168.2.4 and a lan ip of 192.168.10.1/24

                im really sorry i wasnt thinking straight last time. here it is again

                isp/ router--------Host pc--------->(vm) pfsense------------------>client pc
                                      192.168.2.2          192.168.2.4                    192.168.10.97

                what i did was, using the client pc, i RDP into my host pc (192.18.2.2)

                1 Reply Last reply Reply Quote 0
                • johnpozJ Online
                  johnpoz LAYER 8 Global Moderator
                  last edited by

                  So that VM is running on pfsense player?  So your client machine and and host pc are on the same dumb switch and pfsense lan interface is also on the same dumb switch so you hvae a loop?

                  "then it is NATted to my vm pfsense with wan ip 192.168.2.4"
                  What is natted?  Sure looks like 192.168.2.2 192.168.2.4 would be on the same NETWORK..

                  Please draw your physical connections..

                  Yes client machine running through pfsense out of the box would be nattted to that 192.168.2.4 wan IP of pfsense.

                  An intelligent man is sometimes forced to be drunk to spend time with his fools
                  If you get confused: Listen to the Music Play
                  Please don't Chat/PM me for help, unless mod related
                  SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

                  1 Reply Last reply Reply Quote 0
                  • E Offline
                    eulereggae
                    last edited by

                    i thot people would understand me right away so i'll try to draw it as good as i can…

                    __________
                    __________          __________                l  dumb        l
                    l                  l          l  wireless    l-------------l  switch      l>>>>>>>> to other pc's
                    lISP modem l------- l                  l                l__________l
                    l_________l          l  router      l                  _______________
                                                  l_________-l--------        l host pc                l 
                                            Lan:192.168.2.8        l____l lan:192.168.2.2  l
                                                                                        l                            l
                                                                                        l pfsense on        l            _________
                                                                                        l  VMWARE          l            l bridged    l        WIFI
                                                                                        lnat:192.168.2.4  l----------l  router    l>>>>>>>>>>client pc with ip: 192.168.10.97
                                                                                        llan:192.168.10.1 l            l_________l
                                                                                        l______________l

                    So i have internet on the client pc, after i log in to the captive portal. what i wanted to do was to allow that client windows pc constant access without having to go thru the portal so i tried to RDP to the Host pc, 192.168.2.2. expecting that once i get in, ill just open the broser and access my pfsense t allow the client's mac .

                    1 Reply Last reply Reply Quote 0
                    • johnpozJ Online
                      johnpoz LAYER 8 Global Moderator
                      last edited by

                      So your host pc does not have any bindings to that 2nd nic you have connected to your bridged router.. Your sure its bridged, so your just using a wifi router as AP?  You have it connected to your host pc 2nd nic with one of its lan ports and have its dhcp turned off.

                      Or does your 2nd nic have an IP in the 192.168.10 network as well?  How exactly do you have that bridged router connected to your host pc?

                      So what are the connections in vmware player to those nics in your host pc, are they bridged or natted?  Normally vmware player tries to use natted connections where it creates its own networks.

                      If you don't want your wifi clients using the captive portal, then turn it off. Or setup you client pc with mac passthru on the captive portal, etc.

                      An intelligent man is sometimes forced to be drunk to spend time with his fools
                      If you get confused: Listen to the Music Play
                      Please don't Chat/PM me for help, unless mod related
                      SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

                      1 Reply Last reply Reply Quote 0
                      • E Offline
                        eulereggae
                        last edited by

                        @johnpoz

                        dude i don't mean to offend or what. but i dont know if you are actually reading my post or my english is that bad.  ???

                        anyway my host has an ip of 192.168.2.2, pfsense is natted thru vmware, so it has a wan ip of 192.168.2.4,i configured its lan ip to 192.168.10.1/24, my bridged router of course has its DCHP turned off. pfsense hands out the right ip's, i can actually log in to its captive portal and browse the internet. the problem is when i RDP to my host. using the pc that is a client of pfsense so it has an ip of 192.168.10.97.

                        1 Reply Last reply Reply Quote 0
                        • johnpozJ Online
                          johnpoz LAYER 8 Global Moderator
                          last edited by

                          "anyway my host has an ip of 192.168.2.2, pfsense is natted thru vmware, so it has a wan ip of 192.168.2.4"

                          How do you expect that to work exactly if there is a NAT??  You can not put same network on both sides of a NAT

                          What version of player/workstation are you running.. I don't believe current versions of player allow you to edit the vmnets - but you can still pick between nat and bridged.  See attached image

                          So here is the thing if you want pfsense wan to be same network as your normal network 192.168.2.0/24 then the nic in vmware player/workstation needs to be bridged to your interface on you host machine that is connected to this network.

                          Now how exactly is this 192.168.10 network attached to your host machine???  This is another virtual nic in your pfsense VM.. What are the settings on that nic.. What physical nic is it attached too, or is it also Natted?

                          How you would normally set this up is your host would have 2 physical nics..  Your pfsense vm wan nic would be bridged to the physical nic that is connected to a network that has internet access.  Now your host machine can either have binding to this nic and IP on this interface.

                          Or it can have its binding and connection to the hosts 2nd nic and also bridged to the physical network.. This puts the HOST behind pfsense for internet access on pfsense LAN.  But if your going to have the host in front of pfsense on its WAN network then there should be NO binding on the 2nd host nic for anything other than the vmware bridging protocol – see 2nd image

                          If you host has connections in both of your networks both 192.168.2 and 192.168.10 and your trying to connect to its 192.168.2.2 address from a box on connected to its 192.168.10 network.. Your going to have issues.. So it answers you back from its other interface and you have what amounts to a asymmetrical routing issue

                          Please post up your vmware settings for your pfsense VM like my first pic.  Exactly what vmware product are you using player/workstation 10,11,12 ?? And please validate what physical nics your stuff is connected to on your HOST PC..  And an ipconfig /all from your host pc wouldn't hurt either.

                          vmwarenetworktype.png
                          vmwarenetworktype.png_thumb
                          phsyicalnicnobindings.png
                          phsyicalnicnobindings.png_thumb

                          An intelligent man is sometimes forced to be drunk to spend time with his fools
                          If you get confused: Listen to the Music Play
                          Please don't Chat/PM me for help, unless mod related
                          SG-4860 25.07.1 | Lab VMs 2.8.1, 25.07.1

                          1 Reply Last reply Reply Quote 0
                          • First post
                            Last post
                          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.