Re: [pfSense] PRIVATE WAN CAN NOT PING PRIVATE LOCAL NETWORK
Donot setup any gateway for LAN Outgoing connections Try to ping firewall , if u are not able to get internet access ; then enable outgoing connections for LAN Check in Status-DHCP Leases to know if ur traffic flows through firewall On Thu, Sep 4, 2014 at 2:55 PM, Giles Coochey gi...@coochey.net wrote: On 04/09/2014 09:58, Enock Halonda wrote: Hello All, Hope your all well. I need some assistance.I have setup my pfsense system as below. WAN IP (IP from ISP) on Pfsense (10.20.5.1/24)-- LOCAL LAN IP on Pfsense (192.168.0.0/22) From the diagnosis on my Pfsense, i can ping from my WAN (10.20.5.2 as source) to LAN Interface. I can not however ping any workstation on the local network for example: 192.168.1.4. I can of course ping the IP: 192.168.1.4 from the LAN interface as the source under my diagnosis. Internet Access is available. I just want to be able to get to the local IP's on the LAN network from the WAN Interface. Has anyone faced this or can anyone advise. Thanks alot. For starters, you would need a rule to allow inbound traffic from your WAN to your LAN, pfsense by its nature, blocks inbound traffic on the WAN interface. Secondly, you will need to uncheck Block private networks on your WAN interface. Lastly, I'm assuming that you have disabled NAT already, and that your ISP is doing NAT for both your LAN and WAN subnets. -- Regards, Giles Coochey, CCNP, CCNA, CCNAS NetSecSpec Ltd +44 (0) 8444 780677 +44 (0) 7584 634135http://www.coochey.nethttp://www.netsecspec.co.ukgi...@coochey.net ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
[pfSense] PRIVATE WAN CAN NOT PING PRIVATE LOCAL NETWORK
Hello All, Hope your all well. I need some assistance.I have setup my pfsense system as below. WAN IP (IP from ISP) on Pfsense (10.20.5.1/24)-- LOCAL LAN IP on Pfsense (192.168.0.0/22) From the diagnosis on my Pfsense, i can ping from my WAN (10.20.5.2 as source) to LAN Interface. I can not however ping any workstation on the local network for example: 192.168.1.4. I can of course ping the IP: 192.168.1.4 from the LAN interface as the source under my diagnosis. Internet Access is available. I just want to be able to get to the local IP's on the LAN network from the WAN Interface. Has anyone faced this or can anyone advise. Thanks alot. BR, Halonda Denis Enock. Tel: +256 (0) 772 840 763. SMS Text: +256 (0) 772 840 763. Email: ehalo...@yahoo.com Yahoo Chat ID: ehalonda Skype ID: enock.halonda In a time of Universal deceit, telling the truth is a revolutionary act, George Orwell.___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
Re: [pfSense] PRIVATE WAN CAN NOT PING PRIVATE LOCAL NETWORK
On 04/09/2014 09:58, Enock Halonda wrote: Hello All, Hope your all well. I need some assistance.I have setup my pfsense system as below. WAN IP (IP from ISP) on Pfsense (10.20.5.1/24)-- LOCAL LAN IP on Pfsense (192.168.0.0/22) From the diagnosis on my Pfsense, i can ping from my WAN (10.20.5.2 as source) to LAN Interface. I can not however ping any workstation on the local network for example: 192.168.1.4. I can of course ping the IP: 192.168.1.4 from the LAN interface as the source under my diagnosis. Internet Access is available. I just want to be able to get to the local IP's on the LAN network from the WAN Interface. Has anyone faced this or can anyone advise. Thanks alot. For starters, you would need a rule to allow inbound traffic from your WAN to your LAN, pfsense by its nature, blocks inbound traffic on the WAN interface. Secondly, you will need to uncheck Block private networks on your WAN interface. Lastly, I'm assuming that you have disabled NAT already, and that your ISP is doing NAT for both your LAN and WAN subnets. -- Regards, Giles Coochey, CCNP, CCNA, CCNAS NetSecSpec Ltd +44 (0) 8444 780677 +44 (0) 7584 634135 http://www.coochey.net http://www.netsecspec.co.uk gi...@coochey.net smime.p7s Description: S/MIME Cryptographic Signature ___ List mailing list List@lists.pfsense.org https://lists.pfsense.org/mailman/listinfo/list
