Lost, not sure if issue is routing, gateway setup, etc
-
So, I am trying to solve a thorny problem that I suspect is not as thorny as I am making it out to be.
I want to use my pfSense box as an "inline" firewall on one of my subnets/VLANs, and for the life of me I cannot get it to work as expected.
Out at one of the edges of my network, I am attempting to deploy a SG-4860 as a firewall that allows attached equipment on the untrusted side to connect to only a single host on the trusted side.
I have tried everything I can think of to make this work, but it is just not happening.
I simply want to allow all access from the trusted side to the untrusted side, and allow access to a single host/port combination from the untrusted side.
I have successfully accessed the pfSense box over my network, so I am fairly sure I have the IP/VLAN/gateway/WAN set up properly, but after assigning an IP address to the LAN interface and setting up both WAN and LAN to have an allow-all rule, I cannot ping anything from the LAN side. I also can't ping the LAN side from the trusted portion of my network, so I suspect this is some sort of routing/NAT issue.
If you were attempting to deploy a pfSense install to allow access as listed above, how would you do this? I thought it should be quite simple, but either I am missing something or it is not as easy as I expected. Happy to provide more specific information/config files if someone can help, but I am lost and frustrated at this point.
Thanks,
Joe
-
Bridge…..
Duh, never mind the previous request. I assumed (I know, I know.....) that pfSense would act like a switch without bridging enabled.