next »

[climblinne]

I have the following configuration under PfSense 2.0.1:

WAN1: Not used until now, will be a static IP address from Wimax connection
WAN2: ADSL-Router, IP DHCP, 192.168.1.2, Gateway 192.168.1.1, Firewall - default blocking
LAN: 10.17.60.251, No DHCP, Mask 255.255.255.0, Firewall: Allow *
WLAN1: 192.168.2.1, DHCP activated, Mask 255.255.255.0, Firewall: Allow *
WLAN2: 192.168.3.1, DHCP activated, Mask 255.255.255.0, Firewall: Allow * (same wireless card, second AP)

Internet through WAN2 from LAN, WLAN1 is working.
Access from LAN to WLAN1  is working.
Access from WLAN1 to LAN is not working and I don't understand why?

Actually NAT is set to auto translation. The route list in the status looks correct.

In the beginning I had the LAN segment at the WAN port and this I could reach from the WLAN port.
Hopefully anybody can help me...

[heper]

normally a firewall rule on the wlan tab with destination any or lan-subnet should work if the default gateway is used.

be sure you havent specified a specific gateway on the "allow *" rule

[marvosa]

Are you getting internet on WLAN2?

So on WLAN2, you have created a 2nd AP configured with the 192.168.3.0/24 subnet on the same card for people to connect to? (a network map would be helpful)

Can you post the routing table on PFsense?

[climblinne]

normally a firewall rule on the wlan tab with destination any or lan-subnet should work if the default gateway is used.

be sure you havent specified a specific gateway on the "allow *" rule

I use the default gateway already with all set to "*"

[climblinne]

Are you getting internet on WLAN2?

So on WLAN2, you have created a 2nd AP configured with the 192.168.3.0/24 subnet on the same card for people to connect to? (a network map would be helpful)

Can you post the routing table on PFsense?

One WLAN should be for internal use and the other one should be later a guest account with internet access only.
But until now both are full functional with * rules and internet is working for both of them.

The WAN1 sould be later the main internet connection & WAN2 the backup internet connection. WAN2 i also used later for the guest access. For testing I only have WAN2 connected, because our other router is still active


IPv4
Destination   Gateway   Flags   Refs   Use   Mtu   Netif   Expire
default   192.168.1.1   UGS   0   7946   1500   vr2   
8.8.8.8   192.168.1.1   UGHS   0   372   1500   vr2   
10.17.60.0/24   link#1   U   0   734   1500   vr0   
10.17.60.251   link#1   UHS   0   0   16384   lo0   
1.2.3.224/30   link#2   U   0   0   1500   vr1      //  not used WAN1 IP modified
1.2.3.226    link#2   UHS   0   0   16384   lo0       // not used WAN1 IP modified
127.0.0.1   link#6   UH   0   155   16384   lo0   
192.168.1.0/24   link#3   U   0   20687   1500   vr2   
192.168.1.2   link#3   UHS   0   0   16384   lo0   
192.168.2.0/24   link#9   U   0   4893   1500   ath0_wlan1   
192.168.2.1   link#9   UHS   0   0   16384   lo0   
192.168.3.0/24   link#10   U   0   8444   1500   ath0_wlan2   
192.168.3.1   link#10   UHS   0   0   16384   lo0