Nevermind. I solved it by accidentally recreate my LAN interface. It works now.
Regards GodriL On Mon, Sep 30, 2013 at 2:53 PM, godril <[email protected]> wrote: > Hi, > > I dont know if this been already discussed, since I just joined this > mailing list, but I'll push my luck. > > Previously I ran happily with pfSense 2.0 with another router behind it to > handle the LAN traffic. > > The schema looks like this: > > internet <--> pfSense <--> subnet 192.168.1.0/24 <---> router > (192.168.1.253) > > | | > other servers (192.168.1.0/24) > LAN (192.168.12.0/24) > > a.) There was static route I put on pfsense to LAN (192.168.12.0/24) so I > could access all servers in 192.168.1.0/24 and vice versa. (of course I > checked the "*Bypass firewall rules for traffic on the same interface* " > under System -> Advanced -> Firewall/NAT menu. > > b.) I could access internet also because LAN was NATed directly by pfSense > (not by the router (192.168.1.253). > > Then here's the problem: > Last week I updated the pfSense to 2.1. I can access internet from LAN. > All Servers at 192.168.1.0/24 can access internet also. But I have > problems with point b.). > > I can access 192.168.1.0/24 from LAN but not the other way. In fact, I > can only ping all servers from LAN after I make an access (via ssh, http, > etc) first, and then the ping will reply. I cant ping/access back from my > servers to hosts inside LAN. My current checked setting on Firewall/NAT > menu are: > > - Bypass firewall rules for traffic on the same interface > - Enable NAT + Proxy ( I have 1:1 NAT servers). > - Enables the automatic creation of additional NAT redirect rules for > access to 1:1 mappings of your external IP addresses from within your > internal networks. > - Automatically create outbound NAT rules which assist inbound NAT rules > that direct traffic back out to the same subnet it originated from. > > What could possibly I missed from aforementioned setup? > > Thank you in advance. > > regards > GodriL >
_______________________________________________ List mailing list [email protected] http://lists.pfsense.org/mailman/listinfo/list
