Allow LAN to Access Devices from OPT1

Hi, I'm new to pfSense and I stumbled upon this problem. I can access LAN devices from OPT1 by configuring a wide open rule. However, I cannot access any device connected to OPT1 from the LAN network. Both networks can access the internet. I can also ping OPT1 (gateway) from LAN.

Here’s my config:
LAN: 192.168.10.1
OPT1: 192.168.11.1

I would like to be able to access devices back and forth from both interfaces. Hopefully you can help me with this. Thanks.

You need two rules. Protocol Any, IPv4+6, Pass, top priority.

In LAN interface
Source LAN net destination OPT1 net
In OPT1 interface
Source OPT1 net destination LAN net

Other than that it could be your OS firewall that is getting in the way.

@Chooks You say you are new to pfSense. Is @NZSNIPER’s brief response clear to you? Do you want a little more explanation?

May I ask why you are using both LAN & OPT1 ports? Normally, one does this in order to have some degree of separation between two sub-LANs.

@NZSNIPER’s response, which does sound like what you requested, will effectively remove any isolation or protection between them. You could instead just plug all the devices into a switch and connect that to the LAN port (or OPT1).

If you don’t want quite that much togetherness, you will need to plan which subset of packets is passed between LAN and OPT1, and a possibly different subset from OPT1 to LAN.

Good luck.
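The following is an added example, not posted by anyone in this thread: a small Python model of per-interface, first-match rule evaluation that compares the two wide-open rules with a narrower policy. The /24 masks, the host 192.168.10.50, and the TCP/443 service are assumptions made for illustration; the thread gives only the interface addresses.

```python
from dataclasses import dataclass
from ipaddress import IPv4Network, ip_address, ip_network
from typing import Optional

# Assumed /24 masks; the thread states only 192.168.10.1 and 192.168.11.1.
LAN_NET = ip_network("192.168.10.0/24")
OPT1_NET = ip_network("192.168.11.0/24")
ANY = ip_network("0.0.0.0/0")

@dataclass
class Rule:
    iface: str                   # interface the new connection enters on
    action: str                  # "pass" or "block"
    src: IPv4Network
    dst: IPv4Network
    proto: str = "any"
    dport: Optional[int] = None  # None means any port

    def matches(self, iface, src, dst, proto, dport):
        return (iface == self.iface
                and ip_address(src) in self.src
                and ip_address(dst) in self.dst
                and self.proto in ("any", proto)
                and self.dport in (None, dport))

def evaluate(rules, iface, src, dst, proto="tcp", dport=None):
    """First matching rule on the ingress interface wins; no match is a block.
    Only new connections are modelled: replies ride on firewall state."""
    for rule in rules:
        if rule.matches(iface, src, dst, proto, dport):
            return rule.action
    return "block"

# The two wide-open rules from the answer above.
WIDE_OPEN = [
    Rule("LAN", "pass", LAN_NET, OPT1_NET),
    Rule("OPT1", "pass", OPT1_NET, LAN_NET),
]

# Constructed narrower policy: LAN may open any connection to OPT1, while
# OPT1 may reach one hypothetical LAN host on TCP/443 and the internet.
SERVER = ip_network("192.168.10.50/32")
RESTRICTED = [
    Rule("LAN", "pass", LAN_NET, OPT1_NET),
    Rule("OPT1", "pass", OPT1_NET, SERVER, "tcp", 443),
    Rule("OPT1", "block", OPT1_NET, LAN_NET),
    Rule("OPT1", "pass", OPT1_NET, ANY),
]
```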