Pfsense Help

[The Sorrow]

My plan for my pfSense firewall is to have a LAN, Wireless Access Point interface, and a DMZ. Im not sure how to allow access to the internet with all interfaces (unless I'm just missing something). I have three NICs and one built in NIC. Here's an overview of my setup. Its a fresh install so I know I need to modify things to make it work (which I have, I just cant seem to figure it out).

WAN -> DHCP

LAN -> 10.10.1.0/24

DMZ -> 10.10.2.0/24

WAP -> 10.10.3.0/24

All the interfaces are statically assigned to *.*.*.254 for whatever range they belong to. Ive heard that pfSense has NAT set up to allow all the interfaces access to the internet and to each other and all I have to do is set up firewall rules. Ive tried allowing things and it never seems to work (IE allowing LAN to access DMZ so I can manage my DMZ boxes through LAN without allowing DMZ access to the LAN). So I'm not sure if i have a backwards idea of what I need to do or if I'm just crazy

Thanks

Edit: had the CINR notation incorrect. /16s instead of /24s

Edited September 1, 2011 by The Sorrow

[Infiltrator]

Don't know if you have seen this link, but should give it a try and see how you go.

http://doc.pfsense.org/smiller/Add_WiFi_Interface.htm

[ParMan]

This is also the Pfsense Forum

They are very helpful.

Might be wrong i have not actually looked into Pfsense configuration in a while but you might need to bridge the connections.

Edited September 6, 2011 by ParMan

[The Sorrow]

Been trying their forums. They aren't too helpful :/

[Infiltrator]

Been trying their forums. They aren't too helpful :/

Did that link I provide you shed any lights into your problem at all?

Edited September 8, 2011 by Infiltrator

[The Sorrow]

Not for what im doing Infiltrator. That was a link that DID come in very helpful for setting up my wireless AP. My issue lies in the fact that pfSense does not allow access to anything unless a rule says it has access. By default there is a rule that states ALL computers from the LAN interface are ALLOWED to access ALL interfaces. Im lost as to why i cant access a DMZ interface from my LAN.

Kinda thinking about trying out m0n0wall

Edited September 8, 2011 by The Sorrow

[Infiltrator]

Not for what im doing Infiltrator. That was a link that DID come in very helpful for setting up my wireless AP. My issue lies in the fact that pfSense does not allow access to anything unless a rule says it has access. By default there is a rule that states ALL computers from the LAN interface are ALLOWED to access ALL interfaces. Im lost as to why i cant access a DMZ interface from my LAN.

Kinda thinking about trying out m0n0wall

If I had extra hardware lying around in my room, I would dive into this problem for you.

[The Sorrow]

And that's why you are so awesome infiltrator!

[ParMan]

Try this

the setup looks the same as pfsense.

let me know if this helps if not i will keep looking around.

-edit-

Here is another one.

Also look into the order of your rules. What you want to pass needs to come before the Deny all.

Edited September 12, 2011 by ParMan

[The Sorrow]

*Sticks foot in mouth*

I had my pc set to static IP with no gateway because I don't have cable internet yet (Using wifi for internet right now) so once I put everything on DHCP (IE got a default gateway) everything works perfectly.

[ParMan]

Good im glad it all worked out for you.

[The Sorrow]

Me too... feel kinda dumb though... But thats computers for you i guess.