I have a pfsense box with 3 nics. Eth0 is WAN which, eth1 is LAN with 192.168.1.0 subnet and eth2 is LAN2 with 192.168.2.0. I am unable to route traffice out to internet from LAN2. I have DHCP running on LAN2. Everything works for LAN1 but not for LAN2. I want LAN2 to use the WAN interface to go out to internet just like LAN1. I do get IP from LAN2 and I am able to ping the interface gateway 192.168.2.1 but that is about it. How do I get LAN2 internet access.
-
Unsolved PFSense with 3 NICs
-
CyberWarrior,
Great question, let's see what we can do to help make sense of the answer for you.
By default pfSense does not add any rules for the Interfaces other than WAN and LAN, so LAN-2 which is probably (at least originally) OPT1 in pfsense does not have any rules.
Go to Rules and select the interface and add the appropriate rule(s) for the PC on that interface, and that should take care of the problem.
The URL below may be a little dated, as it from 2015, but the general concepts and overall information is still helpful, give it a quick look as well:
Good luck !!
Adam
-
Please check the following to make the interfaces connect to internet from pfSense.
- Check your firewall rules, verify that your LAN2 traffic has a rule where LAN2 is your source and then
*is your destination . Also that protocol isany. - Check your NAT Rules under
outboundverify you have NAT rules for the WAN interface with your LAN2 subnet using theWAN address.
If you don't have #1, then Adam's advice will help and you'll need to set up the rule for LAN2.
But it's not all, because you're using Private IP Addresses (RFC 1918) for your LAN2, you'll also need to configure NAT to work with them. If this outbound NAT is missing, traffic will not be allowed out either.
Try both of these and let me know what the result is...I may have missed something!
addendum you may also need to set your DNS servers for LAN2 as well.
Cordially,
Ronnie Wong
Edutainer, ITProTV*if the post above has answered the question, please mark the topic as solved.
**All "answers" and responses are offered "as is" and my opinion. There is no implied support or guarantee by the ITProTV team. - Check your firewall rules, verify that your LAN2 traffic has a rule where LAN2 is your source and then
