Unable to access internal network through PfSense WAN port

Without seeing your pfSense rules my inclination is to say "Working As Designed" -- most firewalls are configured to prevent people on the outside (WAN port) from accessing resources on the inside (LAN port).

If you want to let people from the outside in, you need to either punch firewall holes (including 1:1 NAT or port redirection, if you're using NAT) or set up a VPN. The latter is a better solution in nearly every case...

Author: Sean

Updated on September 18, 2022

Comments

  • Sean
    Sean over 1 year

    Our branch office is unable to connect to our internal network for some reason. However we can connect to the branch office domain controller from behind PfSense. The following is our setup:

                        |Branch DC - 192.168.0.101
                        |
                        |Branch Firewall - 192.168.0.2
                        |
                        |(Internet)
                        |
                        |Local Firewall - 192.168.3.1
                        |
                        |PFSense WAN port - 192.168.3.100
                        |PFSense LAN port - 192.168.1.1
                        |
                        |
       DC1 - 192.168.1.2|DC2 - 192.168.1.4
    
    • Branch DC can ping and connect to PFSense WebGUI on the WAN port successfully (we set this up using the PfSense documentation).
    • DC1 and DC2 can connect outbound to the Branch DC.

    There seems to be a rule that prevents internal access on the WAN port. However our rules are set to allow all traffic on the LAN and WAN ports. It would be ideal to just disable the firewall altogether since we already have a firewall but when we do this, PfSense doesn't allow any internal traffic at all. I look forward to any assistance and thank you ahead of time.

    • voretaq7
      voretaq7 almost 13 years
      Do you have a (redacted) copy of the firewall rules for both sides of the connection? Is the Branch Firewall running pfsense as well?
  • Sean
    Sean almost 13 years
    We were trying to avoid using VPN since we already connect to our branch office using a Site-to-Site VPN. Regarding NAT, that would be the only other way then? We basically want our Domain Controllers to begin replicating properly again.
  • rackandboneman
    rackandboneman over 11 years
    This looks like a setup with a literal dedicated WAN (from the private IP used on it)...