Hi there :) well after allot of headbanging i decided to give the forum a shot for some help.
So I first tried opnsense but it gave me an issue and decided to get pfsense which in turn had the same issue. So i am either missing something really obvious or somethings busted. So here is the situation.
I have 45 Computers on the work network. They all come together at a 24 port Dlink switch. From there they go to the router. Now I want to put in a firewall in between those two for various reasons. I start a fresh install. I assign the network cards and I set the WAN to DHCP to the router and the LAN i set to 192.168.1.3(my router is 192.168.1.1), subnet to 24. And thats it. from the pfsense box I can ping the router just fine but for some reason I cant ping anything else through the Lan or vice versa.
I have changed the network cards t cross out network failure. I have re-installed and reset the pfsense box a few times. When I have the network "Looped" having a network cable between the router and box and the router and switch everything works fine (Except the dns with the loop doesnt work at all) but as soon as it is just the pfsense box between the switch and router I loose access.
Hope someone can pull me out of the dark! thanks in advance :)
muswellhillbilly last edited by
Ok, so if I understand this correctly you have a router with IP 192.168.1.1 running to your WAN connection on your PFS and the PFS is getting it's WAN address via DHCP from the router, correct? And your LAN address is 192.168.1.3 on the PFS also, correct? In which case you have both your WAN and LAN address ranges the same, which won't work. You have to make the WAN and LAN sides different address blocks so you can route traffic correctly from one side to the other. So, for example, make your WAN address range 192.168.1.0/24 and your LAN 172.16.1.0/24, with your LAN hosts using the PFS LAN NIC as their default gateway on the 172.16.1.0/24 side and you're done.
If this isn't what you're doing, then you'll have to provide more information, such as how your LAN clients are getting their addresses (and in what range), what default gateway your clients are using and what gateway the firewall is set to, etc.
Gertjan last edited by
…. I assign the network cards and I set the WAN to DHCP to the router and the LAN i set to 192.168.1.3(my router is 192.168.1.1), subnet to 24. And thats it. ..
You are giving yourself an extra hard time by break network master rule number one :
You put a router after a router. Don't.
This is NOT an innocent setup.
The day you become 'network minded' you could consider putting a router after a router ….. but you won't :)
Please, first :
Make an image with your network setup - and all the IP's on all sides.
The we will post a solution for you.
edit muswellhillbilly started to explain the issue.
I just like to add this : On your WAN interface settings page, remove the check called "Block private networks" (otherwise the non-routable local IP's aren't routed like 192.168.1.0/24 if you use that on WAN)
Thanks allot for the info :) Ok First let me correct something. When I say "router" I mean all its job is connecting to the internet. The isp provides this piece of shit and our company is cheap :P so i try my best. So its probably more like a modem to the PFS.
Thanks for the info I will go try it tonight after everyone leaves :) I will change the Router connecting to the adsl to change the range it gives to something else for the WAN and give it a test :) I Will give feedback after trying this. Also I have tried unchecking that option as well :)
After changing the ip's as suggested and removing the "loop" everything started working like clock work :) thanks allot guys!