Hi Dave, Thanks for the quick reply but I am kind of at a loss. Once I see it work I am certain it will make sense but .....
Right now on my firewall rules LAN tab I have Action: Pass Interface: LAN Protocol: any (I assume this also include ICMP???) Source: Single Host (10.0.1.100) Destination: Network (10.0.0.0 / 24) Gateway: default To me this means that 10.0.1.100 can talk to any machine in the 10.0.0.0 / 24 network about anything (ping, ftp, www, ldap, etc) On OPT1 tab I have Action: Pass Interface: OPT1 Protocol: any (I assume this also include ICMP???) Source: Network (10.0.0.0 / 24) Destination: Single Host (10.0.1.100) Gateway: default To me this means that any machine in the 10.0.0.0 / 24 network can talk to 10.0.1.100 about anything (ping, ftp, www, ldap, etc) Are my assumptions incorrect? I am just starting to do more than simple NAT with pfSense and am finding it has a wide array of configurations, once you get your head screwed on straight. Thanks. -----Original Message----- From: David Burgess [mailto:[email protected]] Sent: Saturday, September 18, 2010 12:05 PM To: [email protected] Subject: Re: [pfSense Support] Allow Traffic Between Interfaces On Sat, Sep 18, 2010 at 9:59 AM, Ron Lemon <[email protected]> wrote: > On LAN interface I created PASS on LAN for ANY protocol from 10.0.1.100 / 32 > (Single Host) on any port to network 10.0.0.0 / 24 > > On LAN interface I created PASS on LAN for ANY protocol from 10.0.1.101 / 32 > (Single Host) on any port to network 10.0.0.0 / 24 Looks like your "from" addresses need to be "to" addresses. db --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] Commercial support available - https://portal.pfsense.org
