Jump to content

Pfsense Help


The Sorrow
 Share

Recommended Posts

My plan for my pfSense firewall is to have a LAN, Wireless Access Point interface, and a DMZ. Im not sure how to allow access to the internet with all interfaces (unless I'm just missing something). I have three NICs and one built in NIC. Here's an overview of my setup. Its a fresh install so I know I need to modify things to make it work (which I have, I just cant seem to figure it out).

WAN -> DHCP

LAN -> 10.10.1.0/24

DMZ -> 10.10.2.0/24

WAP -> 10.10.3.0/24

All the interfaces are statically assigned to *.*.*.254 for whatever range they belong to. Ive heard that pfSense has NAT set up to allow all the interfaces access to the internet and to each other and all I have to do is set up firewall rules. Ive tried allowing things and it never seems to work (IE allowing LAN to access DMZ so I can manage my DMZ boxes through LAN without allowing DMZ access to the LAN). So I'm not sure if i have a backwards idea of what I need to do or if I'm just crazy

Thanks

Edit: had the CINR notation incorrect. /16s instead of /24s

Edited by The Sorrow
Link to comment
Share on other sites

Don't know if you have seen this link, but should give it a try and see how you go.

http://doc.pfsense.org/smiller/Add_WiFi_Interface.htm

Link to comment
Share on other sites

Been trying their forums. They aren't too helpful :/

Did that link I provide you shed any lights into your problem at all?

Edited by Infiltrator
Link to comment
Share on other sites

Not for what im doing Infiltrator. That was a link that DID come in very helpful for setting up my wireless AP. My issue lies in the fact that pfSense does not allow access to anything unless a rule says it has access. By default there is a rule that states ALL computers from the LAN interface are ALLOWED to access ALL interfaces. Im lost as to why i cant access a DMZ interface from my LAN.

Kinda thinking about trying out m0n0wall

Edited by The Sorrow
Link to comment
Share on other sites

Not for what im doing Infiltrator. That was a link that DID come in very helpful for setting up my wireless AP. My issue lies in the fact that pfSense does not allow access to anything unless a rule says it has access. By default there is a rule that states ALL computers from the LAN interface are ALLOWED to access ALL interfaces. Im lost as to why i cant access a DMZ interface from my LAN.

Kinda thinking about trying out m0n0wall

If I had extra hardware lying around in my room, I would dive into this problem for you.

Link to comment
Share on other sites

Try this

the setup looks the same as pfsense.

let me know if this helps if not i will keep looking around.

-edit-

Here is another one.

Also look into the order of your rules. What you want to pass needs to come before the Deny all.

Edited by ParMan
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...