next »

[caleb]

Since it's a new install, I'm putting this in here rather than in the routing forum since it could be more than a routing issue...it could be a config issue.

So I'm attempting to replace my firewall device with a pfsense box to see if I get better performance.  On my firewall device I have multiple vans.  So when I was setting up pfsense, I setup the WAN (interface em0) then I setup the LAN (em1) then I setup all my vlans off of my lag as optional interfaces.  I named them all as they are in my firewall device, set gateways for each one, etc.  I can ping outside hosts (external DNS, etc) from my pfsense box, but my hosts inside my network can't ping out and they can't ping other hosts on my network and from outside in I can't ping anything.  Any suggestions on where to start looking? (unfortunately my pfsense box is at my data center and I have customers currently there so it's tough to bring down the network for too long at a time.)

If only there was a Cisco to pfsense config converter

[wallabybob]

I can ping outside hosts (external DNS, etc) from my pfsense box, but my hosts inside my network can't ping out and they can't ping other hosts on my network

Have you setup firewall rules on the OPTx interfaces to allow these accesses?

and from outside in I can't ping anything. 

Have you setup firewall rules on the WAN interface to allow these accesses?

Default firewall rule on LAN interface is to allow any access from LAN. Default firewall rule on all other interfaces is to block all accesses. Default is deemed to fit the most common requirements.

[caleb]

Thanks, I have not setup any rules.  I will start with that.

[caleb]

I ended up figuring it out.  It was a combination of a lot of things (rules, gateways, ips in general, etc)