Lost, not sure if issue is routing, gateway setup, etc

  • So, I am trying to solve a thorny problem that I suspect is not as thorny as I am making it out to be.

    I want to use my pfSense box as an "inline" firewall on one of my subnets/VLANs, and for the life of me I cannot get it to work as expected.

    Out at one of the edges of my network, I am attempting to deploy a SG-4860 as a firewall that allows attached equipment on the untrusted side to connect to only a single host on the trusted side.

    I have tried everything I can think of to make this work, but it is just not happening.

    I simply want to allow all access from the trusted side to the untrusted side, and allow access to a single host/port combination from the untrusted side.

    I have successfully accessed the pfSense box over my network, so I am fairly sure I have the IP/VLAN/gateway/WAN set up properly, but after assigning an IP address to the LAN interface and setting up both WAN and LAN to have an allow-all rule, I cannot ping anything from the LAN side. I also can't ping the LAN side from the trusted portion of my network, so I suspect this is some sort of routing/NAT issue.

    If you were attempting to deploy a pfSense install to allow access as listed above, how would you do this? I thought it should be quite simple, but either I am missing something or it is not as easy as I expected. Happy to provide more specific information/config files if someone can help, but I am lost and frustrated at this point.



  • Bridge...

    Duh, never mind the previous request. I assumed (I know, I know...) that pfSense would act like a switch without bridging enabled.

