Hi all, and excuse my limited English.
Sorry for cross-posting, but in the Italian section I can't find answers.
This is the situation:
WAN: no problem here
LAN: 10.71.9.251/24 static, only standard rules in the firewall (anti-lockout and LAN to any); no problem here, I can go to WAN and OPT
OPT1: 192.168.1.80/24 static; I need to allow this net to go to the local LAN, to some hosts only.
Firewall rules for OPT1:
Block TCP/UDP OPT1 Net port 135
Block TCP/UDP OPT1 Net port 137-139
Block TCP/UDP OPT1 Net port 445
Pass * OPT1 Net * LAN net * (this passes 192.168.1.x to my LAN no matter the port, am I right?)
Currently pfSense isn't my gateway, so I had to add a static route on my PC (Win XP) on the LAN interface:
route add 192.168.1.0 mask 255.255.255.0 10.71.9.251
And I can see the OPT1 net.
I'm doing the same thing on a client in the OPT1 net (Win XP, just for the hosts I need):
route add 10.71.9.101 mask 255.255.255.255 192.168.1.80
route add 10.71.9.102 mask 255.255.255.255 192.168.1.80
route add 10.71.9.108 mask 255.255.255.255 192.168.1.80
route add 10.71.9.2 mask 255.255.255.255 192.168.1.80
I can ping and get answers from 10.71.9.2 (my PC on the LAN interface).
I can't get any answer from 10.71.9.10x on the LAN interface (CentOS server).
On 10.71.9.101 I have Samba listening, allowed hosts 10.71.9.0/24 and 192.168.1.0/24.
On 10.71.9.102 I have HTTP, but I haven't checked ports/addresses.
On 10.71.9.108 I haven't tested services yet.
Maybe there is something about NAT to configure?
Thanks in advance.