Thanks for your answer.
I did it. It was a missing rule on top of all other firewall rules without
setting a special gateway ("*").
That did it.
Tim
On 21 January 2015 12:57:02 CET, Christoph Hanle
<[email protected]> wrote:
>On 21.01.2015 11:28, 51537551.3:51537551.3 wrote:
>> LAN: 192.168.6.0/24
>> WAN0: 192.168.0.0/24
>> WAN1: 192.168.1.0/24
>> OPT: 192.168.7.0/24
>
>> What I am trying to achieve is that I can connect/ping/etc. the clients behind
>> OPT (192.168.7.0/24) from clients on LAN (192.168.6.0/24), but not the other way
>> round. All I can connect to is the other pfsense gateway (192.168.7.1).
>>
>> What am I missing?
>>
>Hi Tim,
>you are missing proper rules and a route on the other pfSense and/or on
>the clients in the OPT LAN.
>My way to get this done:
>- Disable "block private networks" on each interface
>- create an Alias "RFC1918" with all private Networks
>- on top (after rules for access to firewall) create explicit rules to
>other RFC networks
>- then create a reject and a block rule to RFC1918 networks (log this).
>- DHCP Option 121 on the DHCP server for OPT with values for LAN network
>for clients without DHCP do a route add -p
>- route on pfSense2 192.168.7.1 to LAN
>
>
>bye
>Christoph
_______________________________________________
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
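
Added example, not part of the original thread: an encoder and decoder for the DHCP option 121 payload (RFC 3442 classless static routes) that the quoted reply suggests handing to OPT clients. The router 192.168.7.2 for the LAN route is an assumed placeholder for the first pfSense's OPT address, which the thread does not give; a default route via 192.168.7.1 is included because RFC 3442 clients ignore the Router option when option 121 is present.

```python
import ipaddress

# Constructed sample routes. 192.168.7.2 is an assumed placeholder address.
ROUTES = [
    ("192.168.6.0/24", "192.168.7.2"),  # LAN, reached via the first pfSense (assumed IP)
    ("0.0.0.0/0", "192.168.7.1"),       # default route via the other pfSense gateway
]

def encode_option_121(routes):
    """Encode (destination CIDR, router IP) pairs as an RFC 3442 payload."""
    out = bytearray()
    for cidr, router in routes:
        net = ipaddress.ip_network(cidr, strict=True)  # rejects host bits set
        if net.version != 4:
            raise ValueError("option 121 carries IPv4 routes only")
        significant = (net.prefixlen + 7) // 8  # only the significant octets are sent
        out.append(net.prefixlen)
        out += net.network_address.packed[:significant]
        out += ipaddress.IPv4Address(router).packed
    if len(out) > 255:
        raise ValueError("payload exceeds a single DHCP option (255 bytes)")
    return bytes(out)

def decode_option_121(payload):
    """Decode a payload back into pairs, failing on malformed input."""
    routes, i = [], 0
    while i < len(payload):
        plen = payload[i]
        if plen > 32:
            raise ValueError(f"invalid prefix length {plen} at offset {i}")
        n = (plen + 7) // 8
        chunk = payload[i + 1:i + 1 + n + 4]
        if len(chunk) != n + 4:
            raise ValueError(f"truncated route at offset {i}")
        dest = ipaddress.IPv4Address(chunk[:n] + bytes(4 - n))  # pad to 4 octets
        routes.append((f"{dest}/{plen}", str(ipaddress.IPv4Address(chunk[n:]))))
        i += 1 + n + 4
    return routes

def as_hex(payload):
    """Colon-separated hex, a common way to enter raw option values."""
    return ":".join(f"{b:02x}" for b in payload)

if __name__ == "__main__":
    encoded = encode_option_121(ROUTES)
    print(as_hex(encoded))
    print(decode_option_121(encoded))
```

Decoding the value already configured on a DHCP server is a quick way to check which routes clients on OPT actually receive.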