bthoven Posted October 3, 2023 Share Posted October 3, 2023 (edited) I already have a standalone pfSense router box running. I intend to create a pfSense testing environment as a VM on my running Unraid box which has only one ethernet port. What I did so far: create a vlan no 2 from br0 ---> br0.2, with ip 10.0.1.2/24 (my Unraid ip is 192.168.x.x) create a pfSense VM on Unraid, by using vtnet0 as WAN interface and vtnet0.2 as LAN interface. The WAN address is 192.168.x.20 create a LAN firewall rule to allow LAN net to access any ip/port create dhcp server for LAN interface as 10.0.1.1/24 create a debian VM on Unraid, by using br0.2 as network and get a dhcp address 10.0.1.11 (with dns 10.0.1.2) Status/Problem: my desktop pc can't access pfSense test from my main LAN (on my production pfSense). I have to disable the test pfsense rule by command line pfctl -d the test pfsense can access internet by its builtin resolver (in pfsense console, can ping 8.8.8.8 or ping google.com) the debian vm can't access internet at at all. (Update: this has been solved by changing LAN interface ip from 10.0.1.2-->10.0.1.1) Question: I don't know I did it all wrong or I can just set some more firewall rules on my test pfsense to allow internet access from my debian vm (Update: this has been solved. From pfSense webui, I change LAN interface ip from 10.0.1.2 to 10.0.1.1) why I can't access my pfsense test from my production LAN devices, unless I disable pfsense test config by command pfctl -d? What are additional rules I need to put on the WAN interface? (Update: I followed the article in this link and I can now access my pfsense firewall gui from my local (production) LAN: https://bobcares.com/blog/pfsense-allow-web-gui-from-wan/ ) Thanks in advance for any suggestions. Edited October 3, 2023 by bthoven update status Quote Link to comment
Solution bthoven Posted October 3, 2023 Author Solution Share Posted October 3, 2023 After searching for solutions on internet, my problem has been solved and noted in the OP. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.